how to prevent hotlinking with Caddy

apr 27 2022


recently, some people starting hotlinking to one of my websites in a way i didn't like. to prevent that, i added this to my Caddyfile:

/etc/caddy/Caddyfile
@hp {
  path /to/protect/*
  not header Referer https://yourdomain.tld*
}
              
respond @hp "Hotlinking is not allowed" 403 {
  close
}

once you reload caddy, you should find that all requests to the path specified will return a 403 unless originating from the specified domain.