When other websites directly link to your images, videos, or downloadable files without hosting them themselves they’re stealing your server’s bandwidth. This is called hotlinking, and it can increase your hosting costs and slow down your site. Fortunately, cPanel offers a built-in feature called Hotlink Protection that prevents this misuse.

In this guide, we’ll explain what hotlinking is, why it’s harmful, and how you can quickly enable hotlink protection using cPanel’s graphical interface.

What Is Hotlinking?

Hotlinking occurs when someone embeds media (like images or videos) hosted on your website directly into their own content by using your URL.

Example:

They use:

<img src="https://yourdomain.com/images/photo.jpg">

instead of hosting the image on their own server.

This means:

• You pay for the bandwidth.
• They benefit from your resources.
• You lose control over where and how your content appears.

Why You Should Prevent Hotlinking

• Preserve Bandwidth: Media files consume data. If a high-traffic site hotlinks your content, it can slow your site or push you past your bandwidth limits.
• Protect Content: Avoid unauthorized use of copyrighted or branded material.
• Improve SEO & Brand Control: Prevent your content from being served in contexts that misrepresent your brand or violate usage terms.
• Boost Site Performance: Reduce server load by ensuring only legitimate visitors access your assets.

How to Enable Hotlink Protection in cPanel

Step 1: Log in to cPanel

Access your hosting account’s cPanel dashboard.

Step 2: Locate and Open Hotlink Protection

Under the Security section, click Hotlink Protection.

If you don’t see this option, check with your hosting provider to ensure it’s enabled on your plan.

Step 3: Configure the Protection Settings

You’ll see several fields and checkboxes:

1. Enable Hotlink Protection

• Click the Enable button to turn it on.
  

2. URLs to Allow Access

By default, your domain is listed here. You can add subdomains or other trusted sources.

Example:

yourdomain.com
www.yourdomain.com
blog.yourdomain.com

This list allows media to be loaded when requested from these domains.

3. Block Direct Access to the Following Extensions

Specify the types of files you want to protect:

jpg, jpeg, png, gif, bmp, webp, svg, mp4, mp3, pdf

You can customize this list based on the media types your site serves.

4. Redirect the Request to This URL

Optionally, enter a URL where users will be redirected if they attempt to hotlink your content.

Example:

https://yourdomain.com/no-hotlinking.html

This page can explain why access was blocked or display a generic message.

Step 4: Save Settings

Once you’ve filled in the appropriate fields, click Submit to apply changes.

Hotlink Protection will now be active across your site for the specified file types.

How to Test Hotlink Protection

1. Try embedding one of your protected images in another site or an online HTML sandbox using:

   <img src="https://yourdomain.com/images/test.jpg">
   

2. If set up correctly, the image will not load, or it will redirect to your custom URL.

Advanced Tips

• Be cautious with third-party services (like content delivery networks, marketing tools, or social sharing plugins). If they need access to your images, you may need to whitelist their domains.
• Don’t block your own CDN: If you’re using Cloudflare or a similar service, include its domain/IP if necessary.
• Monitor logs: Use cPanel’s Raw Access Logs or Awstats to see unauthorized requests and adjust rules accordingly.

Conclusion

Hotlinking may seem like a minor nuisance, but it can add up to real costs and lost control over your content. By enabling Hotlink Protection in cPanel, you create a simple but effective barrier that stops others from misusing your media.

In just a few clicks, you can preserve bandwidth, protect your brand, and ensure your server resources are reserved for legitimate traffic.