The best way to stop someone hotlinking your files is to setup a htaccess file a directory that you want to protect. All subdirectories are protected as well by this. If you use a webhosting account you should make sure that you can actually use .htaccess files on it before you try and implement this feature.

To use them you simply upload a file called .htaccess to a directory on your website and edit it with the following information to prevent hotlinking:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?ghacks.net [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ – [NC,F,L]

You have to edit the domain name of course and add possible other filetypes to the list in the fourth line. If you have another domain that should be allowed to hotlink your files you simply add the third line again and edit the domain name accordingly.

If you have a WordPress blog and can’t use .htaccess you could use the WordPress plugin called Hotlink Protection which basically does the same thing but does not allow the addition of other domain names.