Verdant TCS

How to Prevent Image Hotlinking

< 1 minute

Hotlinking is where someone loads an image from another website on their own website, directly off their server and effectively stealing their bandwidth (and probably also breaking a copyright law by not having the appropriate licensing/permission in many cases).

If you’d like to put protection in place on your website, below will walk you through this process. 

Step 2. Create your nginx config

We now need to create a config and add our rules to it. To keep things simple, we’ll name it inline what we’re trying to do and call it hotlink-main-context.conf. 

To create the file, run the following (switching out “site.url” for your websites domain):

nano /var/www/site.url/nginx/hotlink-main-context.conf


nano /var/www/

Next, paste the following inside the file (again replacing site.url with your domain):

location ~ .(gif|png|jpe?g|svg)$ {
 valid_referers none blocked site.url *.site.url;
 if ($invalid_referer) {
 return 403;

Ctrl+O and then press enter. Then Ctrl+X to exit nano.

Step 3. Check your syntax and reload nginx

We now need to test our nginx syntax with:

nginx -t

If there are no errors present, reload nginx with the following command:

gp ngx reload

Your website is now protected against hotlinking!

Search the Knowledge Base

New to vCanopy?

Get started with our FREE Core plan today! We bring the software, you bring the hardware.