Building the perfect website is hard work. There are so many things to think about before and after launch but a website isn’t just about user experience. As much as we would love to only worry about the things that make our website look better, we also have to think about security, performance, and cost among other things. The internet has become a space for fraudulent activity and there are always new threats to watch out for. If you have a public website, it’s important to protect the digital content it hosts.
Hotlinking is when another website uses a link to your website’s media (and your bandwidth, too) in order to display it on theirs. If someone sees a graphic, video, or any other digital asset on your website and wants to use it on theirs, they can copy the asset URL and use it however they please. It’s not illegal, but there are a few reasons why this is considered an unethical practice. Though there may be concerns of intellectual property theft with downloading images off of your website to use elsewhere, that isn’t considered hotlinking and doesn’t produce the same consequences. Here are a few ways that hotlinking could impact your website and later we’ll discuss a few ways to prevent it.
Cost & Bandwidth
As mentioned before, hotlinking allows other websites to use your bandwidth to host your images on their site, which puts more stress on your servers and less on theirs. This will cost you money and potentially slow down your site.
Ethics
Because hotlinking involves taking someone else’s digital assets and also burdens someone else’s servers, it’s considered a highly unethical practice and is very much frowned upon. There are instances where it is appropriate for example if you want to display media that changes across everywhere that it’s being hosted, but you should maintain the permission to do so.
Lack of Control
It’s worth considering that if you have original digital content hosted on your site, if it is stolen and hosted elsewhere, that content is subject to alterations thus potentially tampering with your brand image and credibility. You wouldn’t want anyone to use your content in a way with which you don’t approve.
Legality
As we’ve learned that hotlinking basically implies theft, that does come with legal consequences. Though hotlinking itself isn’t illegal, it is however illegal to steal and repurpose original content that you don’t own. No one wants to add a copyright infringement legal battle to their to-do list.
At first it may not seem like such a big deal if your website mostly hosts stock images and other content that isn’t a valuable aspect of your business, but it’s still worth considering how to prevent this and how to protect your business from extra cost and decreased site performance. Now that we’ve sufficiently scared you, let’s talk about how to protect your business from hotlinking.
Terms of Use
One possibly obvious move is to put something in your policies about hotlinking, though this may not necessarily prevent it, it might make it easier to request a website to remove your content if it’s clearly stated in your policies that hotlinking is forbidden.
Right-Clicking
You can also disable the ability to right-click. The easiest way to hotlink is to right-click the image and open it in a new tab, so if you disable the ability to right-click all together, it will be much more difficult to steal your content. Be aware of how this may impact your website’s functionality, however.
Content Delivery Network
You can use a content delivery network to host media on your site which can be faster and often includes built-in hotlinking prevention. You can also use an image hosting service which may help to decrease pressure on your server.
Watermark
If someone does choose to repurpose your media, a watermark could result in free advertising as it clearly shows where the media came from. This will likely discourage people from even attempting to steal your content if they can’t pass it off as their own.
.htaccess
You can enable hotlink prevention in your .htaccess file with some extra lines of code. Here’s what you should add to prevent direct access to image files.
RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?siteURL.com [NC] RewriteRule .(jpg|jpeg|png|gif|bmp|tif|tiff)$ - [F]
The way that it works is the server will check the HTTP_REFERER header to see if it’s empty or not from an allowed domain, this value checks to see that the request is coming from a verified page. The following checks to make sure the request is coming from a page that begins with http:// or https:// followed (or not) by www. After that it specifies the media files type extensions with which to allow or restrict access, then sends a “Forbidden” error if the request is not allowed. You can replace siteURL.com with whatever domain name you want to allow access to images on your site. This can be bypassed, however, if a user modifies their browser setting to fake the HTTP_REFERER header. In some cases, developers will utilize the .htaccess files to replace hotlinked images with offensive ones in an attempt to deter theft.
If your website does happen to get hotlinked, you can send the website a takedown request, rename or simply delete the files in question. If you’re looking for an even easier way to prevent hotlinking or any other challenges that take precious time away from running your business, our platform is the solution. You can build a beautiful website with ease and leave all of the maintenance to our expert engineers and support team. Team Virid can help with any and all of your eCommerce challenges and more! Thanks for reading.