Wordpress toolkit hotlink protection - RSS feed

[Vipa]

Hey there,

is it possible to exclude images in the rss feed from the hotlink protection?

 

[Evgeny]

No, It is impossible.

RSS-feed readers do exactly what "Hotlink protection" protects from: they display images (from your server, "wp-content/uploads/" directory) on a third-party resource.

 

[Vipa]

Yes I know that RSS-feed readers do exactly what "hotlink protection" tries to prevent.
That's why I asked if it is possible to include an exception for this.
For example to exclude featured images from this protection as they are used for RSS feeds or if the page is posted to facebook or twitter.
Otherwise you cannot use hotlink protection if you want to use any of these services.

 

[Evgeny]

At the moment, this is impossible to do.

The whitelist of domains includes only the domain of the site and google.com, and is not available for manual configuration.

The only workaround is to add directives ("Additional Apache directives"/"Additional nginx directives" in the web server settings for the domain) that take priority over "hotlink protection" rules and return images for the required services.

 

[Vipa]

thanks, this helps.
Maybe something like this will be added in future release.

 

[custer]

Hi @Vipa

I wrote down your feature request. We'll see what we can do -- this is likely to be updated when we focus on security checkers again.

 

[custer]

Update: we have added customization options to Hotlink protection. If they don't help you handle your case, please let us know.