There are some spammers out there, specially in the adult business,who take some of the highest ranked Google images and then hotlink to them in order to get your traffic, it is also possible that you have limited hosting account bandwith or put simply, you do not want anyone to hotlink to any of your images, here is what you do to stop it.

Go to your webhosting account and edit your .htaccess file, or create it if it does not exist, then add these lines (RewriteEngine will typically be already set to on if you have a Wordpress blog, you will then omit this line and do not write it twice):

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ http://unix.privacylover.com/wp-content/uploads/2009/11/bandwidth_theft_message.gif [NC,R,L]

That is it! The most important part is to get yourdomain.com right, if you do not do this you will see the nasty image served by unix.privacylover.com/wp-content/uploads/2009/11/bandwidth_theft_message.gif

To whitelist search engines and let them hotlink to your images, you should add these lines to your .htaccess file (add other search engines at will):

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.de [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.nl [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.co.uk [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.es [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.ca [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.co.uk [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.de [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.ca [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yahoo.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yahoo.ca [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yahoo.de [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yahoo.co.uk [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?ask.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ http://unix.privacylover.com/wp-content/uploads/2009/11/bandwidth_theft_message.gif [NC,R,L]

Stop bandwidth theft

Code explanation:

RewriteCond %{HTTP_REFERER} !^$ > Allow blank referrers (recommended). Some users surf under firewall and they do not provide any referrers, disallowing blank referrers will block them from accessing these images, but if you still want to do that simply delete this line.

RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC] > Site allowed to link your images, if you do not add your domain here you will be blocking your own blog from displaying the images. You can also add Google and Bing here so that they can still link to the images.

RewriteRule \.(jpg|jpeg|png|gif)$ http://unix.privacylover.com/wp-content/uploads/2009/11/bandwidth_theft_message.gif [NC,R,L] > In between the () are type of files you want to block from hotlinking, you can also add .css and other extensions like .bmp. To add more seperate them with”|”.

Change ‘http://unix.privacylover.com/wp-content/uploads/2009/11/bandwidth_theft_message.gif‘ to your own message, whenever image hotlinking is detected this image will show up. It will be better if you host the image somewhere else out from your own webhost.

Warning: Make sure the image you are serving is not hotlink protected or your server can go into an endless loop.

Other ways to protect image hotlinking:

You may turn on hotlink protection at your CPanel webhosting account but this allows for far less customization than adding the manual .htaccess code.

There is a plugin for Wordpress to stop hotlinking: WordPress Automatic Image Hotlink Protection

To check out if your hotlink protection is working visit this free hotlink checker