Page tree
For cPanel & WHM version 82.

Skip to end of metadata
Go to start of metadata

(cPanel >> Home >> Security >> Hotlink Protection)


A hotlink occurs when someone embeds content from your site in another site and uses your bandwidth to serve the files. You can use this interface to prevent this issue.


  • When you disable hotlinks, make certain that you allow hotlinks for any necessary domains. For example, your website's subdomains and the URL that you use to access your cPanel account.
  • The URL for accessing your cPanel account should appear in the List the URLs to which you wish to allow access menu. If it doesn't, you may not see embedded images in the HTML Editor section of the File Manager interface (cPanel >> Home >> Files >> File Manager).

Enable hotlink protection

To enable hotlink protection, perform the following steps:

  1. Click Enable. A new page will open that displays the Allowed referrers and Protected extension lists.
  2. Click Go back.
  3. To allow specific sites to hotlink to your site, add their URLs in the URLs to allow access menu.
  4. To block direct access to files of specific types, add those file extensions to the Block direct access for the following extensions text box. 
    • For example, to block all .jpg images, add .jpg to the Block direct access for the following extensions text box.
    • When you block these file types, others cannot hotlink those types of files from your website, regardless of any other settings.
  5. To allow visitors access to specific content through the URL, select the Allow direct requests checkbox.
    • For example, if you enable this option, a visitor could enter as a URL to access the example.jpg file.
  6. To redirect requests for certain content, enter the URL to which you want to redirect your visitor in the Redirect the request to the following URL text box.
  7. Click Submit.

Disable hotlink protection

To disable hotlink protection, click Disable.


When you click Disable, the system deletes the entries in the List the URLs to which you wish to allow access list. We strongly recommend that you save the list locally before you disable hotlink protection.