How to Stop Hotlinking & Piggyback Bandwidth Theft

hotlink warningHot linking is a form of bandwidth theft. And if you get hit by someone using an RSS Scraper tool, they are using hotlinking software to steal your content as well. So what is Hot Linking?  Hotlinking is also known as Inline linking, leaching, piggybacking, direct link downloads, offsite image grabs, and bandwidth theft.

To explain it simply: if you are a law-abiding blogger, you upload Content and images into your articles using a WordPress enabled website that is Hosted with your own Hosting company.  In my case, my Host is Hostgator.  Hot link bandwidth thieves do not follow this procedure – they piggyback onto your bandwidth allocation, instead of using up their own.

 Hosting Bandwidth and Upload/Download Limits

Your Host allows you a certain amount of Bandwidth that you pay for with your monthly Hosting payments.  Larger Bandwidth accounts cost more than smaller bandwidth accounts.  It’s a similar system to the download bandwidth allocation and download limits, you have to pay for from your own ISP – internet service provider – for your home internet usage.

Every article and image you upload onto your website uses up variable amounts of Bandwidth.  That bandwidth is taken out of your monthly hosting bandwidth allowance.  If you have a large and busy website, it’s possible that at some stage, you will reach your Bandwidth limit, and be told by your Host that you have to upgrade to a more expensive Hosting account.

If someone Hotlinks data on/from your site, they are using your bandwidth allocation to Host data on their own website! The nerve!  You paid for it, but they are piggybacking off your bandwidth allocation, and ‘paying’ nothing.  For them, it is ‘free’ bandwidth – it’s bandwidth theft.

  How Hotlinking Works

Some other blogger decides to reduce their own bandwidth use, by hot linking directly to something on your blog (often an image) rather than uploading an image on their own site that uses part of their own bandwidth upload/download allocation.

Then, when an online user visits their website which has a hotlink (also known as a direct link, inline link or piggy back link) embedded in it that is hot linked to an image that is hosted on your website, the search engine picks up the link to your image and displays it in the other person’s article.

BUT…you get no credit at all for this link (back link) because these hot linked ‘visits’ don’t show up as an actual ‘visit’ in your data results…. AND it is using up your own bandwidth allocation as well!

For the surfer who is reading that other person’s article with your hotlinked image embedded into it, all the data and images ‘appear’ to be in, and of, the article they are reading. Whereas in fact, that article has no image of its own, it only has a hotlink (direct link) to the image or data hosted on your site – and piggybacking off your bandwidth allocation.

How to Know If Someone Is Hot Linking Your Data

Like many other things on my ‘How to Blog Learning Curve’, I found out about Hotlinking the hard way – when it happened to me.

Early in October 2012 I happened to scroll down, right to the bottom of my List of Referring Sites provided by Awstats. Awstats data feedback is included with your standard Hostgator Hosting account.  When I scrolled right down, I saw something that was weird.

There were a couple of websites that had been recorded as having lots of ‘Hits’ on my blog….but no recorded number of visits on my site.  One site had used 42% of my bandwidth usage for just one hot link!

It was really only by chance that I had spotted them. It was only for that month, and only a couple of days into the new month, (thank goodness) and not one single Visit or Page View recorded in my Stats.

hotlinking referring sites

Of course I had no clue what was going on. But… I did a bit of research and asked a few blogger friends, and found out that these low-down, no good thieves, were hot linking my website – Images and rss feed. Ha! Time for some serious ACTION! Yes!

What to Do If You Find You Are Being Hot Linked

Being a nice sort of person, I first of all tried to contact the owners of these thieving websites. It wasn’t easy.  They had no Contact pages,and they had hidden (private) Domain information etc etc.  I tracked down one of them via his personal Facebook page, and the other one by leaving a Comment on his site – there was no other way that I found to contact him.  However he never approved my Comment and published it on his site, even though I really was polite.  Honest! Smile

Both the offenders stated that they did not know why that was happening, and asking me to please forgive them for their ‘mistakes’.  In fact I had asked them to make their links into proper back links so I could see a traffic benefit from their visits, but neither of them did that.

But, the hot linking and inline links stopped.

Other options I could have used:

I could have reported them to their Hosts – the name of the Hosting company a website owner uses is always findable if you do an IP (internet provider) search.  I didn’t contact their Host to report them, but that would have been my next step if they had not stopped hotlinking voluntarily. I could also have reported their hot link bandwidth theft to Google.

I did find it interesting that although they both pleaded ignorance and innocence, the inline hotlink Hits on my bandwidth stopped immediately.  Hmmm.  Draw your own conclusions!

How to Prevent Hotlinking & Direct Link Piggybacking

If you research this topic of hot linking, you will soon find that this Hot Link topic lies in ‘The Land of the Super-Geeks’.  You can find any number of clever ways to stop hotlinking by adding HTML Code to various parts of your data base.  I didn’t understand any of them.  But if you do understand Code and are willing to tamper with your blog’s data base, good on you (ancient Aussie saying that means ‘Well done’).

But as for the rest of us – No worries! …I found a non-tech way to stop data leaching (hot links) that does not require any geeky Code additions or scary trips under the hood (we use the word Bonnet in Aus) of your cPanel.

1. Go to Your Hosting Account Control Panel

2. Scroll down until you see: Hot Link Protection.  In my Host’s Control Panel, Hotlink Protection is found in the Security section:

Hotlink protection

3. Click on that Hotlink Protection Link and you will see something like this:

enabled hotlink protection

You can see from that image that this screenshot was taken after I had enabled Hot link Protection.  I had enabled Hot link Protection by clicking on the tab which now shows ‘Disable’, but was showing ‘Enable’ before I clicked on it.

Now, if I wanted to, I could disable Hotlink Protection by clicking on that ‘Disable’ tab.

4. Also on the Hotlink Protection page of my Control Panel, there are options to Block Specific Types of Files.

blocks & redirects

To be honest, I can’t remember if these settings were already there as default settings or not.  But these settings are doing a good job of blocking hot linking for me.  That Redirect request is quite cool too – it means that even if someone tries to hotlink anything on my site, they will be redirected to my Homepage instead.

Some blog owners take advantage of this Redirect option, and redirect hot link ‘hits’ on their website to a page with Offensive messages such as, “This website you have linked to is HOTLINKING and STEALING my Bandwidth” – or worse.

I didn’t go the trouble of doing that, but some people do. Some people try to be humorous.  Others even link porn images into the redirect.  It certainly gets people’s attention – in a negative way – and that guarantees a speedy end to that site’s Hotlinking bandwidth theft.

You Can Also Block Hotlinking Directly via Your .Htaccess File

But beware! Unless you really know what you are doing, messing with your .htaccess file can cause all sorts of unwanted results. Your .htaccess file controls exactly what it says: the access to your whole site, including the Content.  If you don’t know what you are doing, you can take your whole website totally off line and un-accessable. You have been warned!

Another unwanted side effect of trying to block hot linking via the .htaccess file is that you can accidentally find you have blocked all links, and not just the ones that are hotlinks.

In order to block hotlinks from inside your .htaccess file you have to add several lines of HTML Code.

If you do want to use the .htaccess file method of Hotlink Protection, you can easily find articles online that tell you how to use this .htaccess file method. Once again, I didn’t understand any of them, but they are easy to find online.

My advice is that unless you know what you are doing with Code, and are confident that you have the skills to successfully tamper with the heart of your website’s engine – your .htaccess file…..just don’t.

If for some reason, enabling Hotlink Protection from inside your Host Control Panel fails to stop the direct link bandwidth theft, contact your Host’s Support team.

Here Is Where You Can Check for Hotlinks on Your Website

I found a really cool site where you can test to see if any of your Images are Hotlink-able. it’s a free Hotlink Checker at the website Altlab.  Just scroll down till you get to the paragraph headed:

How Can I check to see if my image can be hot linked.

There you can enter the URL of images you have uploaded onto your own website, and see if Hotlinking is effectively blocked.  Pretty cool, eh?

If you want to receive regular email updates from My Second Million, you can Subscribe to our free Newsletter HERE. 

Happy blogging, friends.

If you enjoyed this post, please click the Like button on the Left. And consider subscribing to the RSS feed to have future articles delivered to your feed reader, or by Email.


How to Stop Hotlinking & Piggyback Bandwidth Theft — 6 Comments

  1. Really helpful content, wish you luck dood!
    Im a developer and I’m having such problem now on my website, i wish one of this suggestions works for me.

Leave a Reply

Your email address will not be published. Required fields are marked *


* Copy This Password *

* Type Or Paste Password Here *

348,917 Spam Comments Blocked so far by Spam Free Wordpress