How do I prevent ppl from bypassing login and going directly images? My index.php has a login, but my pictures are stored in the images dir, how do I prevent somebody (who hasn't logged in) from going to XXXX.vdnv.com/images/pic1.jpg and seeing the image?
Thanks,
Greg
ps. Obviously I'm new to this...
Zymic Webmaster Forums > Zymic Free Web Hosting > Zymic Free Web Hosting - General Discussion & Help
You need to edit your .htaccess file to deny access to that folder. Or you could just create an html file name it index.html and have NOthing on the page except "You shouldn't be here" or something like that.
Ok... I searched online for examples of .htaccess files and found some. Here's the .htaccess file at the root level, but I can still view pic1.jpg... what am I doing wrong?? Is there a time period that must elapse before the change actually occurs on the server?
IndexIgnore */*
<Files ~ "\.(jpg)$">
order allow,deny
deny from all
</Files>
<Files .htaccess>
order allow,deny
deny from all
</Files>
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?XXXX.vndv.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]
IndexIgnore */*
<Files ~ "\.(jpg)$">
order allow,deny
deny from all
</Files>
<Files .htaccess>
order allow,deny
deny from all
</Files>
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?XXXX.vndv.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]
I'm not completely familiar with htaccess, I just know you need to use them. but maybe google this but shouldn't it be "order deny,allow" if that doesn't work, try putting the .htaccess file into the pictures directory.
Yeah i belive it is order deny,allow
But anyways you can use PHP to secure the directory
But anyways you can use PHP to secure the directory
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.