Title: Hotlink File Prevention
Author: swinggraphics
Published: <strong>ఆగస్ట్ 25, 2014</strong>
Last modified: ఏప్రిల్ 15, 2024

---

Search plugins

This plugin **hasn’t been tested with the latest 3 major releases of WordPress**.
It may no longer be maintained or supported and may have compatibility issues when
used with more recent versions of WordPress.

![](https://ps.w.org/hotlink-file-prevention/assets/icon.svg?rev=2439255)

# Hotlink File Prevention

 By [swinggraphics](https://profiles.wordpress.org/swinggraphics/)

[Download](https://downloads.wordpress.org/plugin/hotlink-file-prevention.2.0.0.zip)

 * [Details](https://te.wordpress.org/plugins/hotlink-file-prevention/#description)
 * [Reviews](https://te.wordpress.org/plugins/hotlink-file-prevention/#reviews)
 *  [Installation](https://te.wordpress.org/plugins/hotlink-file-prevention/#installation)
 * [Development](https://te.wordpress.org/plugins/hotlink-file-prevention/#developers)

 [Support](https://wordpress.org/support/plugin/hotlink-file-prevention/)

## Description

Hotlink File Prevention (HFP) offers simple hotlink protection that can be turned
on/off for individual files in the WordPress media library.

“Hotlinking” is when a file, such as an image or PDF, is linked to from another 
website or entered manually in a web browser’s location bar. HFP only allows your
file to be viewed on your website.

Hotlink protection is provided via `.htaccess` rules in the `wp-content/uploads`
directory.

### Basic Usage

Once the HFP plugin is activated, you will have two new features in the media library:

 1. Within the Screen Options tab (list view only), check box for the “Hotlink Prevention”
    column.
 2. To protect a file, edit the file and scroll down to the checkbox labelled “Hotlink
    Protection”.

Any asset that is checked will have “Yes” displayed in the “Hotlink Prevention” 
column; otherwise, this column will be blank.

#### Note about “Open in new tab” option

When you use the “Open in new tab” option for links, WordPress adds `rel="noreferrer"`,
which effectively makes the link act like direct access, and the link will be blocked
for files protected using HFP.

## Screenshots

 * [[
 * Checkbox in the file edit dialog

## Installation

 1. Go to “Plugins > Add New” in the WordPress admin area.
 2. Search for “Hotlink File Prevention”.
 3. Install, then Activate the plugin.

For more installation options and instructions, see [“Installing Plugins” on WordPress.org](https://wordpress.org/support/article/managing-plugins/#installing-plugins).

## FAQ

### How does HFP work?

HFP creates an Apache `.htaccess` file in the `wp-content/uploads` directory. It
sets a HTTP_REFERER check and RewriteRule for each file that has hotlink protection
applied. Toggling hotlink protection on/off dynamically adds/removes RewriteRule
statements.

### Can it be used with any type of media file?

Yes, it works with any file that you upload to the media library.

### Are my files absolutely safe using this plugin?

Here’s the deal: This plugin makes it harder for people to hotlink to your files,
but if they are highly technical, they will be able to do things like fake the HTTP
referrer.

### Does it with with web servers other than Apache?

The server must process rewrite rules in `.htaccess`. So HFP will work on Apache
and LightSpeed servers, but not NGINX.

## Reviews

![](https://secure.gravatar.com/avatar/fe0b0ad4b7bd718bd1988753daba5195fd8c2a41ac1cafaddb66f1337d51ff7f?
s=60&d=retro&r=g)

### 󠀁[Works Great! (read review below for exceptions)](https://wordpress.org/support/topic/works-great-read-review-below-for-exceptions/)󠁿

 [Rick Cheney](https://profiles.wordpress.org/rcstp/) నవంబర్ 20, 2024

THANK YOU for making this plugin. It works great EXCEPT your media library filenames
cannot have hyphens in the filenames. Maybe they can have one or two hyphens, I 
don’t know because I didn’t test it but I found with four hyphens in the filename
it didn’t work.

![](https://secure.gravatar.com/avatar/ab9f741cde101cd8e4551471019f2f28c3266b15a94772642c2f67bc4ad1519e?
s=60&d=retro&r=g)

### 󠀁[Not working](https://wordpress.org/support/topic/not-working-4240/)󠁿

 [twentytwelveuser](https://profiles.wordpress.org/twentytwelveuser/) జూన్ 2, 2024

The plugin is activated, but other site still shows pictures from my site. RewriteRule
2017/03/Unity-Terrain03.png – [NC,L,F] Still there is no effect Added: The problem
was in hosting settings – they disabled htaccess and used nginx. So I have to enable
manual mode to turn on htaccess: Connect to the site with SSH Edit the config file
for your site (example: ~/etc/httpd/php80/site-address.conf): <Directory /home/h12345678/
site-address/docs/wp-content/uploads> AllowOverride All </Directory> 3. Use the 
plugin

![](https://secure.gravatar.com/avatar/8f5b79f7e49e7576a837032adaa7842c559d8ce3983c22b9c56b0092cacf096f?
s=60&d=retro&r=g)

### 󠀁[Perfect Solution](https://wordpress.org/support/topic/perfect-solution-272/)󠁿

 [Mike Oliver](https://profiles.wordpress.org/zephyrmike/) మే 29, 2024

I had an image on one of my website demos linking to over 100k sites, this plugin
worked perfectly to block it.

![](https://secure.gravatar.com/avatar/be3af852e708559072ff3efe13bb96c803be1258642e086fe65d842ac0d6697d?
s=60&d=retro&r=g)

### 󠀁[Very good](https://wordpress.org/support/topic/very-good-6192/)󠁿

 [trinhthidien](https://profiles.wordpress.org/trinhthidien/) జనవరి 22, 2022

Very good

![](https://secure.gravatar.com/avatar/e5fedd193d655ab5e41d12c10eff5b87b052889d8df3e71aa2499db964cfe63d?
s=60&d=retro&r=g)

### 󠀁[Exactly what I was looking for!](https://wordpress.org/support/topic/exactly-what-i-was-looking-for-514/)󠁿

 [Wolfgang Hanus](https://profiles.wordpress.org/whanus/) సెప్టెంబర్ 8, 2021

After hours and hours of searching I finally found this plugin. It works great! 
I would like to see a feature that allows you to protect multiple media files at
once. So that you don’t have to click on each file individually. Many thanks to 
the developers!

![](https://secure.gravatar.com/avatar/5cebc1389489729243feb63f63a88018fc3096db3946f7efd4c3b080e9a57c2a?
s=60&d=retro&r=g)

### 󠀁[the best](https://wordpress.org/support/topic/the-best-2090/)󠁿

 [user098242734](https://profiles.wordpress.org/user098242734/) జూన్ 18, 2021

works perfect thanks!

 [ Read all 7 reviews ](https://wordpress.org/support/plugin/hotlink-file-prevention/reviews/)

## Contributors & Developers

“Hotlink File Prevention” is open source software. The following people have contributed
to this plugin.

Contributors

 *   [ swinggraphics ](https://profiles.wordpress.org/swinggraphics/)
 *   [ electricmill ](https://profiles.wordpress.org/electricmill/)

[Translate “Hotlink File Prevention” into your language.](https://translate.wordpress.org/projects/wp-plugins/hotlink-file-prevention)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/hotlink-file-prevention/),
check out the [SVN repository](https://plugins.svn.wordpress.org/hotlink-file-prevention/),
or subscribe to the [development log](https://plugins.trac.wordpress.org/log/hotlink-file-prevention/)
by [RSS](https://plugins.trac.wordpress.org/log/hotlink-file-prevention/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 2.0.0

 * Track protected files in wp_options table instead of individual post meta
 * Fixed htaccess rules to work with multiple protected files
 * Use insert_with_markers() to handle writing to htaccess
 * Added CSS for media library table column
 * Added uninstall hook

#### 1.1.0

 * Modernized the code, and got it working again!
 * Updated README
 * Changed some strings, and made them translation-ready
 * Moved Hotlink Protection column before Date
 * Added deactivation hook to remove htaccess file

#### 1.0.1

 * commented out error reporting
 * now uses just filename (followed by full path and name) in .htaccess; previously
   this was full path and location alone. Version 1.0.0 users should delete .htaccess
   from /uploads directory and rebuild file by clicking “update” on any file in 
   Media Library that has “Yes” for Hotlink File Prevention.

#### 1.0.0

 * Development version and Alpha release.

## Meta

 *  Version **2.0.0**
 *  Last updated **2 సంవత్సరాలు ago**
 *  Active installations **700+**
 *  WordPress version ** 4.6 or higher **
 *  Tested up to **6.5.8**
 *  PHP version ** 5.6 or higher **
 *  Language
 * [English (US)](https://wordpress.org/plugins/hotlink-file-prevention/)
 * Tags
 * [admin](https://te.wordpress.org/plugins/tags/admin/)[attachments](https://te.wordpress.org/plugins/tags/attachments/)
   [files](https://te.wordpress.org/plugins/tags/files/)[hotlink](https://te.wordpress.org/plugins/tags/hotlink/)
   [images](https://te.wordpress.org/plugins/tags/images/)
 *  [Advanced View](https://te.wordpress.org/plugins/hotlink-file-prevention/advanced/)

## Ratings

 4.9 out of 5 stars.

 *  [  6 5-star reviews     ](https://wordpress.org/support/plugin/hotlink-file-prevention/reviews/?filter=5)
 *  [  1 4-star review     ](https://wordpress.org/support/plugin/hotlink-file-prevention/reviews/?filter=4)
 *  [  0 3-star reviews     ](https://wordpress.org/support/plugin/hotlink-file-prevention/reviews/?filter=3)
 *  [  0 2-star reviews     ](https://wordpress.org/support/plugin/hotlink-file-prevention/reviews/?filter=2)
 *  [  0 1-star reviews     ](https://wordpress.org/support/plugin/hotlink-file-prevention/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/hotlink-file-prevention/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/hotlink-file-prevention/reviews/)

## Contributors

 *   [ swinggraphics ](https://profiles.wordpress.org/swinggraphics/)
 *   [ electricmill ](https://profiles.wordpress.org/electricmill/)

## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/hotlink-file-prevention/)