ImageKit.io provides certain features to secure your images and restrict the transformations that can be performed. Implementing these security features will stop the unauthorized use of your image URLs.
You can secure your images by restricting unsigned URLs, restricting unnamed image transforms, and using private images.
Enable 'Restrict Unnamed Image Transformations' and click on 'Save'.
Restrict unnamed image transformation setting in ImageKit.io dashboard
Restricting Unnamed Transformations does not allow explicit transformations. For eg: enabling this feature and then trying to use tr:w-100,h-100 within the URL, or any other transform mentioned explicitly would return a 'Bad Image Transformation Request' error.
Enable 'Restrict Unsigned Image URLs' and click on 'Save'.
Restrict unsigned image setting in ImageKit.io dashboard