How to prevent image hotlinking for Joomla using FTP

14th March 2013

Follow these steps to prevent image hotlinking on your Joomla site using FTP:

Steps

Download and Install FTP Client:
- If you don’t already have one, download and install an FTP client (e.g., FileZilla).
Connect to Your Server:
- Open your FTP client and enter your FTP credentials (host, username, password, port) to connect to your server.
Navigate to Joomla Directory:
- Navigate to the root directory of your Joomla installation (e.g., public_html).
Edit the .htaccess File:
- Locate the .htaccess file in the root directory.
- If the file does not exist, create a new file named .htaccess.
- Download the .htaccess file to your local machine and open it in a text editor.
- Add the following code to prevent image hotlinking:
```
# Prevent Image Hotlinking
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
                    
```
  Replace yourdomain.com with your actual domain name.
- Save the changes and upload the .htaccess file back to the server, overwriting the existing one if necessary.
Verify Changes:
- Test the hotlink protection by trying to link to your images from an external site. Ensure that the images do not display.

Important Notes

Always backup your website and database before making changes.
Test your site thoroughly after applying these settings to ensure there are no disruptions.
Regularly update your Joomla installation and extensions to keep your site secure.

Hotlink protection can prevent other websites from linking to your images and files using your bandwidth for their website. In this tutorial we can manually enable hotlink protection for a Joomla site

Your website must support mod_rewrite in order to enable hotlink protection

Using your favorite text editor, let’s enter the code to achieve this

1) Enter the following text in your text editor

2) Now copy the last line we entered into your clipboard

[NC] refers to “no case” so that a URL entered in either upper or lower case will be rewritten using this conditional

3) Now paste the line under the current one

4) Delete the last part of the URL to allow the homepage, without a trailing slash or anything after the domain, to have access to your protected files

5) Let’s paste the line again

Here we want to address both URL’s, those containing www. and without

6) And paste the line again, removing the text at the end of the domain

7) Now remove the www.

This makes the referer optional. Manually entered URL’s have no referer

8) Add, change or remove files as needed. Separate file types with a pipe ( Shift + \ )

9) The URL in the line that follows the file types is the redirect URL and the R indicates a forced redirect. Leave the URL out and remove the R from the square brackets to force a 403 error to be displayed instead

10) Now let’s write the rule that specifies which file types to protect

11) Select the File menu and click Save As…

12) Save the file as htaccess.txt and select the Save button

13) Using an FTP application, upload this file to the public root directory of your web site and change the filename from ‘htaccess.txt’ to ‘.htaccess’

You now know how to prevent hotlinking for Joomla using FTP