How To Prevent Content Theft In WordPress

Content theft and hotlinking can cost you bandwidth and lost visitors. Learn how to prevent content theft in WordPress …

Get Thrive Leads for WordPress

How To Protect Your Content From Being Stolen In WordPress

How To Prevent Content Theft In WordPressIf you run a product review site, blog, e-commerce site, membership site or a download page, your content and download files are at risk of being stolen by internet thieves.

No website owner wants their content or files to be stolen. The World Wide Web is structured in such a way, however, that most websites have no choice but to leave themselves wide open to content theft.

For example, the simplest way to steal content from any website is to highlight, select, and copy web page content to your clipboard …

Stealing content online is as easy as copy ...

(Stealing content online is as easy as copy …)

And then pasting it into your own blogs …

and paste!

(and paste!)

Content Theft Methods

There are various methods that can be used to steal content online. Two of the most common content theft methods include ‘content scraping’ and ‘hotlinking’.

Content Scraping

Many content thieves use a simple method like the ‘copy and paste’ one shown above to steal content from other websites and publish it on their site as their own. This is called content scraping.

Many sites will copy articles from other websites or even copy entire websites. In some cases, sites built using entirely pilfered content can even outrank the sites that published the original content. There are many tools available that can automate content scraping, including a number of autoblogging tools.


Hotlinking is using images, videos, or files being hosted on and served from other websites in your content, instead of uploading and serving these from your own server and website. Essentially, you’re serving visitors content that is not hosted on your server and someone else is paying for the space and bandwidth resources.

Sites like YouTube, Instagram, Flickr, etc. will give you permission to ‘hotlink’ (i.e. use content hosted on their site) and supply you with an embed code so you can display files like videos, images, etc. on your website or blog. Other sites will host content like banner images or video ads on their server and supply you with HTML or Javascript code that you can insert into your content to display these on your site. All of these instances are common practice and perfectly legit.

Where hotlinking becomes stealing, is when you use images and files hosted on other websites in your content without the owner’s explicit permission, knowledge, or consent.

If someone is hotlinking to your site without your knowledge, then you’re not only paying for the bandwidth and hosting resources but others are benefiting from the time and money you have invested into creating these files and using this to compete against you. They’re stealing from you on every level.

How To Protect Your Site From Content Theft – Your Options

What can you do to prevent people stealing your content online? Let’s take a look at your options …

Don’t Publish Content Online

The simplest way to prevent content theft online is to not publish anything online that you don’t want stolen. If you provide a specialized service involving ‘trade secrets,’ for example, you can advertise your services and describe its features and benefits on your website without actually revealing your methods for achieving results.

Keep Your Content Private

If your business requires publishing valuable information online, however, then consider publishing your content privately (e.g. inside a password-protected area or membership site), so that only those with access to the content can view or download your files. While this will not prevent people from stealing your content once they gain access to the information, it will help to minimize incidents and opportunities for content theft.

Modify Your .htacess File

Your .htaccess file is stored on your server and contains important server instructions for your website. You can add hotlink protection instructions to your .htaccess file to prevent other sites from displaying your images and other files and there are online tools that can create these instructions for you, but this requires editing code and working with files on your server.

If you don’t want to mess with code or server files, then consider the next option below.

Use Content Theft Prevention Plugins

If you have no choice but to display your content publicly, then consider using a WordPress plugin to disable features or functions on your site that would allow your content to be easily copied, stolen, or hotlinked.

Useful Information

Most WordPress content theft prevention plugins will not block search engines from indexing your web content. These plugins work by disabling web browser functions that allow visitors to copy your content (e.g. select text, right-click, and copy).

Here are some content theft prevention plugins you can look at and consider installing on your WordPress website or blog.

WP Content Guard

WP Content Guard

(WP Content Guard)

WP Content Guard is an all-in-one WordPress content protection plugin that is designed to save you time and money tracking down content thieves, dealing with support issues, and protecting your search engine rankings by preventing content and product files from being freely distributed and linked to online from other websites, black hat forums, or via email links.

The plugin is easy to install and configure …

WP Content Guard - Settings Screen

(WP Content Guard – Settings Screen)

Once the plugin is installed and activated, it literally works right out of the box, providing instant content and hotlinking protection …

WP Content Guard works right out of the box

(WP Content Guard works right out of the box)

The main features of this plugin include:

  • Built-In Advanced Hotlink Protection: This prevents content thieves from linking directly to your images and files from their own sites, on forums, or emails and causing you to incur excessive bandwidth usage charges.
  • Automatic Right-Click Blocking: With this feature enabled, visitors will not be able to right-click on any part of your site to view the source code of your web pages or easily copy direct links to your files and images.
  • Automatic Copy & Paste Blocking: With this feature enabled, visitors will not be able to copy and paste any part of your content.

This plugin is developed and maintained by established and trusted WordPress plugin developers. It includes single and unlimited site licensing, free lifetime updates, full support and a risk-free 30-day money back guarantee.

For more information, go here: WP Content Guard

Smart Content Protector Pro

Smart Content Protector Pro - WordPress Copy Protection

(Smart Content Protector Pro – WordPress Copy Protection)

Smart Content Protector Pro protects text and images on your WordPress site from being copied. The plugin automatically goes to work protecting your site’s content as soon as it is activated.

You can, however, also configure plugin settings to specify what visitors can and can’t do on your site, including protecting content on all pages, only on certain pages (e.g. homepage, posts, custom pages/posts, or custom categories), etc. …

Smart Content Protector Pro - Settings Screen

(Smart Content Protector Pro – Settings Screen)

The plugin also provides image protection options, such as disabling image dragging, viewing the original image in a new window or displaying the image in a lightbox. Advanced image protection features allow you to add watermarks to images …

Smart Content Protector Pro - Image Protection Settings

(Smart Content Protector Pro – Image Protection Settings)

The plugin also records the IP addresses of sites that have copied your content …

See which IP addresses have copied your content

(See which IP addresses have copied your content)

Smart Content Protector Pro also provides text protection settings for Windows, Linux and Mac operating systems …

Smart Content Protector Pro - Text Protection Settings

(Smart Content Protector Pro – Text Protection Settings)

Additional features of this simple and easy to use plugin include advanced multiple text and image protection methods and options, watermarking, disabling mouse right-clicking and shortcut keys (e.g.  Cut, Copy, Paste, Select All, View Source, etc.), content protection based on user levels, alert message options for right-clicking or Print Screen, and more.

More info: Smart Content Protector Pro

WP Content Copy Protection & No Right Click

WP Content Copy Protection & No Right Click

(WP Content Copy Protection & No Right Click)

WP Content Copy Protection & No Right Click is an easy to install plugin that protects content on your posts and home page from being copied without your permission using multiple JavaScript + CSS methods.

Basic features include disabling copying of content and images using right-clicking or shortcut keys and displaying alert messages or image ads. The plugin also offers a ‘pro’ edition with advanced features (see next item below).

More info: WP Content Copy Protection & No Right Click

WP Content Copy Protection (Pro)

WP Content Copy Protection Pro

(WP Content Copy Protection Pro)

WP Content Copy Protection Pro is the premium version of the WP Content Copy Protection & No Right Click plugin.

This plugin will not only protect your content from being selected and copied, it also gives you full control over right-click functions and context menus. You can display alerts when users right-click on images, text boxes, links, plain text, etc., disable control keys, watermark images on the fly, exclude home page or single posts from being copy-protected, disable copy protection for admin users, and more.

The plugin offers aggressive image protection to prevent expert users from stealing your images, flexible protection options and is compatible with all major theme frameworks and browsers.

More information: WP Content Copy Protection Pro

WP Content Copy Protection

WP Content Copy Protection

(WP Content Copy Protection)

WP Content Copy Protection aggressively protects all your valuable site content (source code, text content, and images) from being illegally copied and prevents plagiarism. Copy methods are disabled via mouse and keyboard.

Visit this website to learn more about this plugin: WP Content Copy Protection

WP CopyRight PRO

WP CopyRightPro

(WP CopyRightPro)

WP CopyRightPro can prevent around 90% of attempts from online users copying text and images on your WordPress site. This plugin will disable selection and copying of text from web pages, right-clicking functionality, image-dragging and displaying content on other sites via iframes.

After activating the plugin and allowing it some time to gather data, the plugin will reveal any sites that are using your images.

More information: WP CopyRightPro

WordPress Hotlink Protection Plugins

Below is a list of WordPress plugins that provide hotlink protection for your site’s images.


To view a list of sites that are using your images, go to the images section and type

Google can show you which sites are using your images

(Google can show you which sites are using your images)

Configurable Hotlink Protection

Configurable Hotlink Protection

(Configurable Hotlink Protection)

Configurable Hotlink Protection is a free WordPress plugin that helps you save bandwidth by blocking links to video, audio, and other files from unapproved websites.

The plugin settings let you selectively control direct linking and choose which kind of files to block from a list of common file extensions (or include your own), allow linking from multiple authorized websites, and generates .htaccess file rules.

To learn more about using this plugin, visit the plugin site: Configurable Hotlink Protection

Hotlink File Prevention

Hotlink File Prevention

(Hotlink File Prevention)

Hotlink File Prevention is a free plugin that provides simple hotlink prevention to individual files and can be turned on/off directly in the WordPress media library. This allows you to protect files inside membership sites or private pages from being copied by users with access to the content.

For more details, go here: Hotlink File Prevention




Hotlink2Watermark is a free WordPress plugin that lets you display a watermark on images being hotlinked from your website …

Add watermarks to hotlinked images

(Add watermarks to hotlinked images)

The plugin gives you the option of using text (choose from 4 different fonts and optional shadow colours) or an image for your watermark. You can also save a list of all websites hotlinking your images on a csv file.

More info: Hotlink2Watermark

Hopefully, the above has helped you gain a better understanding of how to prevent content theft in WordPress.

How To Prevent Content Theft In WordPress


"Learning WordPress has been a huge stumbling block for me. I've been looking for something that covers absolutely everything but doesn't cost an arm and a leg. Thank you so much ... you have just provided me with what I have been looking for! Truly appreciated!" - Tanya

Disclaimer: WordPress and its related trademarks are registered trademarks of Automattic, Inc. This site is not affiliated with nor sponsored by Automattic, Inc. or the WordPress Open Source project. This site and the products and services offered on this site are not affiliated, associated, endorsed, or sponsored by WordPress, nor have they been tested, certified, or reviewed by WordPress. The owner, contributors and/or advertisers may derive financial benefit from sales of items linked to, reviewed, or advertised on this site.


Did you enjoy this tutorial? If so, please consider using the links below and share this tutorial with anyone thinking of starting or growing a business online.

WordPress Installation Files: A Glossary For Non-Techies

Need to know what WordPress installation folders and files in your server are used for? Here is a glossary of WordPress installation files for non-techies …

WordPress Installation Files: A Glossary For Non-TechiesWhen WordPress is installed on your domain, either by performing a manual WordPress installation or using a WordPress installation script like Softaculous or Fantastico, a number of folders and files get added to your server’s root directory.

Although these folders and files are mostly accessed by technical users like website developers, it’s good to know what these folders and files are used for, especially if you plan to build or manage your own WordPress site.

WordPress installation files

(WordPress installation files)

You can view these folders and files using an FTP application or cPanel’s File Manager. For help with this, see the tutorial below:

Knowing what WordPress installation folders and files do is also important for areas like:

WordPress Installation Files: A Glossary For Non-Techies

Your WordPress site is made up of your WordPress installation files and your WordPress database. These are responsible for creating, storing, and managing all of your site’s information, web pages, etc.

Below is a glossary of WordPress installation files for non-techies. The glossary includes non-technical explanations and descriptions with links to related tutorials.

If you need more technical information about the folders or files below, please refer to the official WordPress documentation here:


This folder contains all of the files that control your WordPress site’s installation, administration, and management functions …

WordPress wp-admin folder

(WordPress wp-admin folder)


This folder holds all of the content supplied by users (e.g. images uploaded to the WordPress Media Library) and stores all of the WordPress Themes and WordPress Plugins installed on your site …

WordPress wp-content folder

(WordPress wp-content folder)

This folder is also used for things like:


This folder contains most of the technical files and instructions required for supporting WordPress functionality …

WordPress wp-includes folder

(WordPress wp-includes folder)


An .htaccess file is a configuration file used on web servers running the Apache Web Server software. It contains important server instructions …

WordPress .htaccess file

(WordPress .htaccess file)

The .htaccess file is used to enable/disable functionality, such as:

  • Enabling password protection on a directory
  • Enabling content protection
  • Denying visitors access to the website
  • Redirecting visitors to another page or a custom error or 404 page
  • Preventing images on your site from being hotlinked
  • Etc.

If you experience WordPress errors, it may be because your .htaccess file has become corrupted. If this happens, see this tutorial:


This is the core WordPress index file that instructs your WordPress theme and blog to load.

This file looks to see if you have set a home page in WordPress and displays that page to your visitors. If not, it displays a default blog page.

Basically, what the index.php file does, is show visitors a page like this when they visit your site …

This is what visitors see thanks to index.php

(This is what visitors see thanks to index.php)

Instead of a directory of internal files like this …

This is what visitors see if index.php file is removed

(This is what visitors see if index.php file is removed)


This file contains the WordPress GPL license which states that WordPress is free software and can be redistributed and/or modified under the terms of the GNU General Public License.


This file contains useful pre-installation information about WordPress …

WordPress ReadMe file

(WordPress ReadMe file)


This file confirms that the activation key sent in an email after a user signs up for a new site matches the key for that user and then displays confirmation.


This file decides what to display based on the parameters that are passed to the blog from any page that wants to display WordPress content and loads the WordPress environment and template.


This file receives posted comments and adds them to the WordPress database. It also prevents duplicate comment posting.


This is a sample of the wp-config.php file used to connect WordPress to your MySQL database. You can use this sample file to manually create the wp-config.php file (see below).


The wp-config.php file is one of your most important WordPress installation files. The wp-config.php file is located in the root of your WordPress file directory and contains your website’s base configuration details, such as your database connection information (e.g. Database Name,  Database Username, Database Password, Database Host, etc.)

Here is some useful information about wp-config.php file:

  • The wp-config.php file isn’t included in the WordPress download files. It is created during the WordPress setup process based either on the information you provide during the manual installation process, or automatically, if you use a WordPress installation script (e.g. Softaculous, Fantastico, etc.)
  • A wp-config.php file can be created manually by editing the sample file (“wp-config-sample.php”), resaving it as wp-config.php and uploading this file to the root install directory.
  • The content of the wp-config.php file follow a specific order. Rearranging the order of this content may create errors on your website.
  • Editing WordPress files like wp-config.php should always be done using a plain text editor. Never use a word processor like Microsoft Word or Google Docs to edit WordPress files.

Many important modifications to WordPress can be done manually by adding lines of code to the wp-config.php file. Some of the features and functionality affected by the wp-config.php file, for example, include:

  • Adding WordPress Security Keys
  • WordPress Autosave And Post Revision (including changing the Autosave interval and disabling Post revisions)
  • Increasing PHP Memory Limit
  • Defining the ‘home’ URL of your WordPress site (i.e. the URL people type in to visit your site).
  • Moving folders (e.g. content, plugins, themes, uploads folder, etc.) to directories in your server other than their default location.
  • Enabling WordPress Multisite
  • Using WordPress In Other Languages
  • Disabling plugin and theme installation, updates, and edits
  • Disabling WordPress automatic and core updates
  • Blocking external URL requests
  • Forcing Admins and Logins to use SSL
  • Overriding default WordPress File Permissions
  • Changing WordPress Cron settings
  • Emptying the trash
  • Debugging WordPress (troubleshooting errors and making repairs)
  • Allowing WordPress users to optimize and repair the WordPress database
  • And so much more …


A CRON job is essentially an automated scheduled task. It’s like someone programming a robot to do XYZ at a specific time. If someone asks the robot “is it time to do XYZ yet?” the robot can then either say “no, it’s not time yet” or “yes, it’s time” and then automatically perform the task.

By default, WordPress calls up wp-cron.php whenever someone visits your WordPress site and a scheduled task is present. Also, hosting companies normally offer CRON. The wp-cron.php file provides a CRON function for hosts that do not offer CRON or where a CRON job has not been set up by software installed on your site.

The wp-cron.php file is used to perform virtual cron jobs (i.e. scheduled tasks) to automate things like publish scheduled posts, check for plugin or theme updates, send email notifications, etc.


This file converts links added to your site via the WordPress admin menu into a format called OPML (Outline Processor Markup Language).

OPML allows outlines and lists to be exchanged between different platforms, such as exchanging lists of RSS feeds between different feed aggregators.

Essentially, this file allows links to be exported from one WordPress site to another.


In computing terms, bootstrapping is a technique for loading a program by means of a few initial instructions which then enable the rest of the program to be loaded from somewhere else.

The wp-load.php file is a bootstrap file that loads the wp-config.php file. The wp-config.php file then loads the wp-settings.php file, which then sets up the WordPress environment.


This is the file that handles the WordPress login page for registered users, including user authentication, user registration, and resetting passwords.


WordPress uses this file to obtain blog posts submitted via email. The URL of this file is usually added to a CRON job so that it is regularly retrieved, enabling new email posts to be accepted.


This file performs various pre-execution routines and procedures, including checking for correct installation, including auxiliary functions, applying user plugins, initializing execution timers, etc.


WordPress uses this file to set up the area where users can sign up to your website or blog.


This file handles incoming trackback requests to WordPress.


This file provides XML-RPC protocol support for WordPress. This allows you to do things like post content to your site using programs and applications other than the built-in web-based administrative interface and for WordPress developers to extend WordPress functionality using plugins.

Additional Files

The additional files below aren’t part of the default WordPress installation but may be found in your server’s WordPress directory:


A php.ini file is the default file for configuring and running applications that require PHP. The server looks for this file when PHP starts up for instructions on how to control variables such as upload sizes, file timeouts, and resource limits.


We hope that you have found the above information useful.

WordPress Installation Files: A Glossary For Non-Techies


"I have used the tutorials to teach all of my clients and it has probably never been so easy for everyone to learn WordPress ... Now I don't need to buy all these very expensive video courses that often don't deliver what they promise." - Stefan Wendt, Internet Marketing Success Group

Disclaimer: We have no association with WordPress, Automattic, or any of the WordPress-related products written about on this site. We may derive affiliate commissions from the sale of third-party services and products mentioned on this site. All product images are the copyright of their respective owners, comply with all license terms and agreements of use are used solely for training and illustrative purposes.


Did you find this tutorial useful? If so, please use the links below and share this tutorial with other blog owners.

WP Total Audit – Find And Fix Common WordPress Errors

Find and fix common WordPress errors with WP Total Audit.

WP Total Audit – Find And Fix Common WordPress Errors

WP Total Audit - Find And Fix Common WordPress ErrorsIn this post, we look at a WordPress security plugin that can help you find and fix common WordPress installation faults.

For additional information on keeping WordPress secure and troubleshooting common WordPress errors, see the following sections:

WP Total Audit

WP Total Audit - Find & fix common errors in WordPress

(WP Total Audit – Find & fix common errors in WordPress)

After logging into thousands of WordPress sites while providing help or support for customers, the expert WordPress developers of WP Total Audit noticed the same installation or configuration mistakes being made over and over again, leaving the sites vulnerable to security attacks, plugin conflicts, etc.

Fortunately, these common mistakes are easy to fix and the WP Total Audit plugin provides ‘one-click’ fixes to from your dashboard. Whether you are a WordPress newbie or you have been using WordPress for years, WP Total Audit is a useful and inexpensive plugin that will automatically scan your site for security and performance loopholes and instantly alert you about any issues that need fixing …

WP Total Audit - Find & fix 17 hidden WordPress dangers in seconds!

(WP Total Audit – Find & fix 17 hidden WordPress dangers in seconds!)

WP Total Audit can be used in brand new or established WordPress sites and can be installed alongside other WordPress security plugins for hardened security.

Below are some testimonials from WP Total Audit users:

”One of the best plugins or probably the best plugins one can invest this year!” Richard Cheah

”Anyone who can push a button can handle it. The instruction video is actually superfluous. A must have, for such a ridiculously low price!” Peter Heine

This inexpensive plugin installs in seconds, can be used on all your WordPress sites, offers a 30-day money back guarantee and lifetime updates and support.

Learn more here: WP Total Audit


"I was absolutely amazed at the scope and breadth of these tutorials! The most in-depth training I have ever received on any subject!" - Myke O'Neill,

Disclaimer: We have no association with WordPress or any products reviewed on this website. We may derive financial benefits or affiliate commissions from the purchase of any services and/or products mentioned on our site. All images are the copyright of their respective owners and comply with all license terms and agreements of use.


Did you find this post useful? Please feel free to share this information with anyone who can benefit from learning about WordPress using the social links below.