Three Ways to Allow Hotlinking in Specific Directories
by Jeff Starr on Wednesday, November 28, 2007 – 3 Responses
After implementing any of the hotlink-prevention techniques described in our previous article, you may find it necessary to disable hotlink-protection for a specific directory. By default, htaccess rules apply to the directory in which it is located, as well as all subdirectories contained therein. There are (at least) three ways to enable selective hotlinking:
Place hotlink images in an alternate directory
This method works great if your hotlink-protection rules are located in a directory other than the site root. Simply create another directory outside of the directory containing the htaccess rules and place your hotlink-allowed images into that directory.
Create a pseudo-rewrite rule for the target directory
If your images are located within the influence of your hotlink-protection rules, and you need to enable hotlinking for a specific directory, it is possible to circumvent the anti-hotlink rewriting for that directory. In the htaccess file for the target directory, add the following, pseudo-rewrite rules 1:
# disable hotlink protection
RewriteEngine on
RewriteRule ^.*$ -
Turn off the rewrite engine in the target directory
Ahh, the joys of simplicity. If neither of the previous methods seem appealing to you, perhaps the simple elegance of this effective method will inspire you: turn off the rewrite engine in the directory that houses your hotlink images. That’s it. Simply add the following line to your target directory’s htaccess file and enjoy immediate results:
# disable hotlink protection
RewriteEngine off
Any one of these methods works fine, but disabling the RewriteEngine in the target directory is by far the most elegant solution.
What about enabling hotlink-protection in a specific directory? Read on, my friend..
Selectively protect files in a specific directory
Protecting the contents of a specific directory (as opposed to all directories) requires a simple addition to any of the anti-hotlinking measures presented in our previous article. If, say, you wanted to protect all files located in a directory called “private,” you would modify the RewriteRule as follows:
# protect all content in private directory and return a forbidden error
RewriteRule protected/(.*)$ - [F,NC,L]
..or, alternatively:
# protect all content in private directory and return a nasty image
RewriteRule protected/(.*)$ http://domain.tld/hotlink.jpg [R,NC,L]
In other words, prepend the name of the target directory to the list of protected file types, which in this example is all files, as represented by the wildcard expression ((.*)).
References
- 1 Shouts out to webpimps.com for this trick.






3 Responses
Add a comment
Proximuz – #1
Hi.
It’s there anyway to HotLink Protect my hole site, and just only allow one folder for hotlink. I like to use one folder that i store all my avatars and sigs to other forums.
It’s that possible?
Thanks.
Perishable – #2
Proximuz,
Um, yes, allowing hotlinking in a specific directory is exactly what this article is about. After implementing hotlink-protection sitewide (see link in first paragraph), return to this post and employ any of the three methods to disable protection for the folder of your choice. (Sorry for the redundancy — I just wanted to be clear:)
Regards,
Jeff
Games – #3
Great tutorial man… thanks for your help…… bookmarking this page…