1. cPanel & WHM Documentation
  2. cPanel
  3. Security
  4. Hotlink Protection
cpanelui files bandwidth

Hotlink Protection

Valid for versions 82 through the latest version

Version:

82

Last modified: November 30, 2022

Overview

A hotlink occurs when someone embeds content from your site in another site and uses your bandwidth to serve the files. You can use this interface to prevent this issue.

Notes:
  • When you disable hotlinks, make certain that you allow hotlinks for any necessary domains. For example, your website’s subdomains and the URL that you use to access your cPanel account.
  • The URL for accessing your cPanel account should appear in the List the URLs to which you wish to allow access menu. If it doesn’t, you may not see embedded images in the HTML Editor section of the File Manager interface (cPanel » Home » Files » File Manager).

To enable hotlink protection, perform the following steps:

  1. Click Enable. A new interface will open and display the Allowed referrers and Protected extension lists.
  2. Click Go back.
  3. To allow specific sites to hotlink to your site, add their URLs in the URLs to allow access menu.
  4. To block direct access to files of specific types, add those file extensions to the Block direct access for the following extensions text box.
    • For example, to block all .jpg images, add .jpg to the Block direct access for the following extensions text box.
    • When you block these file types, others cannot hotlink to those types of files from your website regardless of any other settings.
  5. To allow visitors access to specific content through the URL, select the Allow direct requests checkbox. For example, if you enable this setting, a visitor could enter http://www.example.com/folder/example.jpg as a URL to access the example.jpg file.
  6. To redirect requests for certain content, enter the URL to which you want to redirect your visitor in the Redirect the request to the following URL text box.
  7. Click Submit.

To disable hotlink protection, click Disable.

Note:

When you click Disable, the system deletes the entries in the List the URLs to which you wish to allow access list. We strongly recommend that you save the list locally before you disable hotlink protection.

Additional Documentation