Prevent hotlinking only from certain domains



One of our sites are experiencing being scraped by “empty” websites through hot-linking, and it’s starting to become an issue for us. We’ve looked into the Scrapeshield Hot-Linking Protection, but that seems to prevent any and all hot-linking, which is not something we want. We gather a good share of our traffic through users sharing our articles on Facebook for example, and it is my understanding that turning on the Hot-Linking protection would prevent our images to show up on these shared Facebook posts.

So I’m wondering how we can set up hot-link protection so that domains like Facebook and others like it can still hotlink, while these ill-intended crawlers are still blocked. A black- or whitelist would be ideal, don’t know if that’s doable.


You could always do that server-side. If you want to avoid your servers being hit in the first place you could currently implement that with Cloudflare workers.


How would I go about setting up a worker for it?
I checked out the Hot-Link Protection Recipe for it, but I could get so much out of it as I am not good with code.
Would our dev team know what to do if presented with this snippet?


Assuming it is a “dev team” I’d hope so :slight_smile:


They are :sweat_smile:
Thank you for taking the time to answer :slight_smile:


This topic was automatically closed after 14 days. New replies are no longer allowed.