What does enabling Cloudflare Hotlink Protection do?

When enabled, the "Hotlink Protection" option ensures that other sites cannot suck up your bandwidth by building pages that use images hosted on your site. Anytime a request for an image on your site hits Cloudflare, we check to ensure that it's not another site requesting them. People will still be able to download and view images from your page, but other sites won't be able to steal them for use on their own pages.

In other words, HTTP Referers that are not in-zone and not blank will be denied access. Supported file extensions are gif, ico, jpg, jpeg, and png.

**Protected**: http<nolink>://example.com/pic.jpg  
**To bypass**: http<nolink>://example.com/hotlink-ok/pic.jpg

You can allow certain images to be hotlinked using a special folder named `hotlink-ok`. If I wanted to allow example.blogspot.com to use `logo.png` from www<nolink>.example.com, I would need to put `logo.png` in a new folder called `hotlink-ok`. Any images in this folder will not be checked for hotlinking. This folder can be placed anywhere in your website's folder hierarchy. All of the following URLs will not be checked for hotlinking:

http<nolink>://www<nolink>.example.com/hotlink-ok/pic.jpg  
http<nolink>://www<nolink>.example.com/images/hotlink-ok/pic.jpg  
http<nolink>://www<nolink>.example.com/hotlink-ok/images/pic.jpg  
http<nolink>://www<nolink>.example.com/images/main-site/hotlink-ok/pic.jpg

To turn Hotlinking on or off, visit the ScrapeShield app in the Cloudflare dashboard at cloudflare.com/a/content-protection/YOUR-DOMAIN.COM.

Still not finding what you need?

The CloudFlare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Powered by Zendesk