After implementing any of the hotlink-prevention techniques described in our previous article, you may find it necessary to disable hotlink-protection for a specific directory. By default, htaccess rules apply to the directory in which it is located, as well as all subdirectories contained therein. There are (at least) three ways to enable selective hotlinking:
Place hotlink images in an alternate directory
This method works great if your hotlink-protection rules are located in a directory other than the site root. Simply create another directory outside of the directory containing the htaccess rules and place your hotlink-allowed images into that directory.
Create a pseudo-rewrite rule for the target directory
If your images are located within the influence of your hotlink-protection rules, and you need to enable hotlinking for a specific directory, it is possible to circumvent the anti-hotlink rewriting for that directory. In the htaccess file for the target directory, add the following, pseudo-rewrite rules:
# disable hotlink protection RewriteEngine on RewriteRule ^.*$ -
Turn off the rewrite engine in the target directory
Ahh, the joys of simplicity. If neither of the previous methods seem appealing to you, perhaps the simple elegance of this effective method will inspire you: turn off the rewrite engine in the directory that houses your hotlink images. That’s it. Simply add the following line to your target directory’s htaccess file and enjoy immediate results:
# disable hotlink protection RewriteEngine off
Any one of these methods works fine, but disabling the
RewriteEngine in the target directory is by far the most elegant solution.
An alternate way of disabling
mod_rewrite is to flag the last
RewriteRule with the
[END] flag. For example:
RewriteRule /(some-other-rule)/ https://perishablepress.com/ [END]
What about enabling hotlink-protection in a specific directory? Read on, my friend..
Selectively protect files in a specific directory
Protecting the contents of a specific directory (as opposed to all directories) requires a simple addition to any of the anti-hotlinking measures presented in our previous article. If, say, you wanted to protect all files located in a directory called “
private,” you would modify the
RewriteRule as follows:
# protect all content in private directory and return a forbidden error RewriteRule protected/(.*)$ - [F,NC,L]
# protect all content in private directory and return a nasty image RewriteRule protected/(.*)$ http://domain.tld/hotlink.jpg [R,NC,L]
In other words, prepend the name of the target directory to the list of protected file types, which in this example is all files, as represented by the wildcard expression (