Hotlinking is based on the fact that http does not distinguish between different links and treats all links equally, regardless of whether all the link destinations are hosted on the same server. Thus, different elements can be integrated into a website, even if their content is retrieved from different hosts and appear as a single image in the browser. Once a browser retrieves the content of a website, it will start with the text within the HTML document. There may be inserted links and scripts within this document which will initiate the loading of further files. Whether the browser retrieves images from the root URL, or from external sources, makes no difference in the presentation. The affected website or rather the server on which the site is hosted, benefits from a lower volume of data, because the content of the inline link is loaded from another server. Thus, the website can benefit from shorter loading time in spite of various media content. However, the webmaster is then dependent on the external source having the integrated resource available at all times. Common examples of desired hotlinking are videos from YouTube or other video platforms as well as widgets or inline frames of news sites.
When hotlinking is not explicitly allowed, it is often regarded as traffic theft. A common example of this is the posting of image links in forums. A user integrates a link to an image of a product that he likes into his forum post. Each time the image is retrieved, an additional load will be put on the server of the link destination. In well-attended forums this may have a huge impact on the traffic of the host, without the owner of the image getting any direct visitors to his site. In many cases, such hotlinking is not done with evil intent. However, there are cases in which iframes are used deliberately to siphon off traffic from other sites. An example of the arbitrary control of traffic can often be found in the image SERPs of Google. The link source specified for an image shown in the results page has the image included only as a hotlink and is not a link to the actual source website.
Inline linking or hotlinking can be done in different ways:
- Webmasters can knowingly control traffic to their servers by outsourcing images or video resources to different servers or subdomains. When accessing the website, the text comes from the domain xyz.com and the images from images.xyz.com.
- Images or videos from other hosts are integrated via the src attribute and the HTML element iframe.
Unintended hotlinking can be primarily prevented with security techniques in browsers. If a link in integrated media, for example, directs to an untrusted source, the browser prevents loading or asks the user whether the content should be loaded. Ad blockers can also fulfill this task. There are different options available for webmasters to prevent hotlinking. Unwanted hotlinking can be detected through HTTP referrers. The server can be configured with PHP or in the case of Apache through mod rewrite in such a way that media from your server cannot be included on other sites or a blank document will appear.
The legal situation for integrating external content through hotlinking is not clear at this point, since the source for the integrated medium is indicated on the reference link and the medium itself is not changed. It is often a matter of interpretation whether hotlinking is a copyright infringement or not. According to a judgment by the European Court, hotlinking is allowed if the content was uploaded on the Internet and is freely available to anyone. It becomes a problem if you include images or videos that were not meant for public distribution. If you want to make sure that you can use media from another host on your website, you should first ask the operator of the other website and get a confirmation.
Benefits for usability