What if another web site is stealing your images and your bandwidth by linking directly to your image files from their web site? This is called Hot-Linking. 'Hotlinking' is a commonly used term for when another website directly embeds your images in a web page or forum. The simplest way to stop this practice is to send a 403 ('Forbidden') response when the referer is not your own site or one that you do not want to be able to display your images.

Do you want to prevent hot-linking? This can prevent this by adding this code to your .htaccess file

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?yourdomain.com/.*$ [NC]
RewriteRule .(gif|jpg)$ - [F]

Replace yourdomain.com with your actual domain name. With this code in place, your images will only display when the visitor is browsing http://yourdomain.com. Images linked from other domains will appear as broken images.

The next change you can make is to let your images be seen when your pages are viewed from a 'webmail client', 'search engine cache' or 'web-based translator'. For example, to display images for people using Google's [Cached] feature, add the following condition:

RewriteCond %{HTTP_REFERER} !q=cache

Want to show a ?Image Stealing is Bad? message too?

You can even provide an alternative image to display on the hot linked pages. For example, an image that says ?Image Stealing is Bad. Visit yourdomain.com to see the real picture that belongs here.? Use thes code below in your .htaccess file to accomplish that however please note that the donotsteal.gif image will still be loaded from your server so bandwidth is still used for this image.

RewriteEngine On
rewriteCond %{HTTP_REFERER} !^$
rewriteCond %{HTTP_REFERER} !^http://(www.)?yourdomain.com/.*$ [NC]
rewriteRule .(jpe?g|gif|png|bmp)$ dontsteal.gif [L]

This time, replace yourdomain.com with your domain name, and replace dontsteal.gif with the file name of the image you?ve created to discourage hot linking.