Get 90% OFF the first month of your service

USE COUPON CODE: Q32018

T&Cs Apply

Prevent image hotlinking for Joomla using FTP

This tutorial will show you how to prevent image hotlinking for Joomla using FTP

Hotlink protection prevents other websites from linking to your images and files and thereby stealing your bandwidth. Let’s find out how to manually enable it just for your Joomla directory

This tutorial is intended for servers that do not have cPanel or some other control panel installed, or that have a control panel that does not allow you to automatically add hotlink protection to your site

Your website must be on a server that runs Apache web server with mod_rewrite installed

First, we’ll need to create a new text document

1) Right-click in Windows Explorer

frame03_1105

2) Go to New

3) Then, click Text Document

frame04_190

4) Name the file htaccess.txt and press Enter

frame06_182

5) Double-click to open the file with Notepad

frame07_191

6) First, type RewriteEngine on

Here, we’ll need to type several lines of code that will determine which websites should be allowed to hotlink to your files, which types of files the hotlinking restrictions should be imposed upon, as well as some related options

frame09_178

This enables mod_rewrite, which lets us control what Apache does with the URL it receives

frame10_171

From here on, follow along with the typing. Be sure to type exactly what you see, simply replacing “yourdomain.com” with your domain name(s)

Note that this is an intentional misspelling of the word referrer, dating back to the origins of the web. It is not a typo

frame11_174

When a request for a file is sent to a web server, a number of headers are sent from your browser. One of these is known as the Referer

Referers are sent in two cases: when a web page loads an image or other type of file as part of its contents, and when someone follows a link on a page

This last part is key; it tells Apache to allow access to any request whose referer starts exactly with http://www.yourdomain.com/

[NC] stands for “no case”, which means the referer specified is not case-sensitive. In other words, this line will match any combination of uppercase and lowercase letters

Now, we need to specify which file extensions to apply the referer restrictions to

7) Change the extensions specified here to whichever ones you want. Just separate them with the pipe symbol |, which can typically be typed by pressing the SHIFT key along with backslash

frame12_160

This is the URL someone will be redirected to if they trigger the hotlink protection

The R stands for forced redirect. Replace it with an F and remove the URL portion of this line if you would rather force a 403 Forbidden error to be displayed

Next, let’s add a few more lines to finish giving access to yourdomain.com

8) Press CTRL+C to copy…

frame14_154

9) Press Enter, then CTRL+V to paste

frame16_142

10) Delete the last part of the URL to allow the homepage, without a trailing slash or anything after the domain name, to have access to your protected files

frame17_142

11) Now, copy and paste this part as before

frame19_141

12) Remove “www.” from the two new lines

frame22_131

Both yourdomain.com and its www subdomain have been set up

Currently, the only way people will be able to access your protected files will be through yourdomain.com. Even manually typing the URL for one of your files won’t work. Let’s fix that

This does what we want by making the referer optional: Manually entered URLs have no referer

frame27_125

There are no letters in this referer now, so [NC] is not needed and can be deleted

Let’s add another domain name to the list

13) Copy and paste all four lines we typed for yourdomain.com

frame28_115

14) Now, press CTRL+H to find and replace yourdomain.com with demo1234.com for just these four newest lines

frame30_116

15) Press Replace until all four lines have been updated with the second domain

frame37_110

16) Click Cancel

Repeat these steps for as many domain names as you want

17) Press CTRL+S to save the file

frame38_19

Now that the htaccess file is complete, it’s time to upload the file to the Joomla directory using FTP

For this tutorial, we’ll be using FileZilla to access our FTP server; you can use whichever program you want

Joomla provides you with an htaccess.txt file that you can choose to use, so let’s find that one and rename it in case you decide to use it in the future

frame41_16

18) Now, drag and drop the file we created to the Joomla directory on your server and scroll up to find it

frame44_12

19) Right-click and rename it to .htaccess. Windows would not have allowed us to name it this

frame46_16

Whew! That was a lot of work! But, now you know how to prevent people from hotlinking to files on your Joomla site