forum.coppermine-gallery.net
Support => cpg1.5.x Support => cpg1.5 permissions => Topic started by: Shaar on November 09, 2010, 10:04:25 am
-
I have it set up now so that users can only view thumbnails unless I move the user account to a group named 'PAID MEMBERS'. Well, I noticed a little problem with this. I can right click and view source, scroll down to the thumbnail path, and remove the word thumb and the images are all fully accessible this way. Is there a way to prevent direct access to the images without viewing each image on the pages and albums directly on the site? I'd prefer this to be blocked completely for ALL users even admins.
Thanks a million!
-
That has been discussed here before and is possible with an appropriate .htaccess rule that checks the referrer. But that's neither 100% secure nor works for all your visitors (especially people with pseudo security software that hides the referrer). Maybe it's possible if you use everywhere the readfile (http://www.php.net/manual/en/function.readfile.php) function instead of accessing images directly.
-
The .htaccess file is a route I would like to take. I found a couple different lines of code on here and online and i added it to the .htaccess file and when I do that, none of the images work even when logged in. I also had it redirect the images to a single default image, but it replaced all the images on my gallery with that default image.
What would be the proper way to block external image use using .htaccess? But still allowing access when viewing the photo through the gallery pages?
-
Something like that (http://www.javascriptkit.com/howto/htaccess10.shtml) should work.
-
I tried that initially before posting this and it blocks everything with those file types even when viewing them from the gallery.
-
You need to change mydomain.com to the allowed domain. Post your .htaccess file.
-
Here is my .htaccess file:
RewriteEngine on
Rewritecond %{HTTP_HOST} !^www\.5glibrary\.com
RewriteRule (.*) http://www.5glibrary.com/$1 [R=301,L]
RewriteRule \.(jpg)$ - [F]
-
You have to check for %{HTTP_REFERER} as described in the tutorial. You cannot just copy the last line ::)
Try to replace
RewriteRule \.(jpg)$ - [F]
with
RewriteCond %{HTTP_REFERER} !^http://www\.5glibrary\.com/.*$ [NC]
RewriteRule \.(jpg)$ - [F]
-
Thank you. I will try it when I get home. I need to learn more about this sort of thing. Even though it can be outlined in a tutorial I am very apt to overlook terms and key instructions.
I will let you know if it works. Thanks again!
-
I just tried it and I still have the same problem. It will block the image from directly typing the path in the address bar, but it also prevents images from being viewed on the gallery pages.
-
I just tried it and I still have the same problem. It will block the image from directly typing the path in the address bar, but it also prevents images from being viewed on the gallery pages.
Cannot confirm on my local testbed. This is my entire .htaccess file:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://localhost:88/.*$ [NC]
RewriteRule \.(jpg)$ - [F]
I can view images in the gallery, but cannot access them directly.
-
mod_rewrite needs to be enabled. Talk to your host if that's true for your account.
-
I just sent a help ticket to my host asking about the mod rewrite issue. Thanks guys. I will update as this progresses!
-
Got a fast response from them. Here was their reply:
Mod_rewrite is not enabled because this server does not use Apache. However, the rewriting capability is most certainly active. You can activate it for your domain via the .htaccess with the following two lines. You may still need to turn on rewrites via your CMS however.
Options +FollowSymLinks
RewriteEngine on
Let us know if you have any further questions and we would be glad to help. Thank you.
-
And I just tried adding the options line to the .htaccess and it still doesn't display images in the gallery :( sadface
-
Please fill your existing .htaccess file with only that content
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://www\.5glibrary\.com/.*$ [NC]
RewriteRule \.(jpg)$ - [F]
and access your website with the leading 'www.'. If that doesn't work, we cannot do anything for you.
-
Maybe it's a client-side issue?
nor works for all your visitors (especially people with pseudo security software that hides the referrer).
Please report if you have replaced your .htaccess file, so we can also test.
-
I just replaced it with what you recommended. No change here still.
www.5glibrary.com
-
Works as expected for me. See attached screenshot.
-
That is very odd. I tried clearing my internet history here just in case, and tried both IE and firefox and I just get red x's in IE and just the file name in firefox. Very very strange.
-
Seems that your browser, a third-party tool or something else manipulates your referrer. That's what I told you in my first reply ::)
-
Thats great that there is reasoning behind what its doing now, but is there a way around this in the htaccess file?
I tested on an old xp laptop i have. doesn't work in firefox, but works in IE. On my main computer, it doesn't work in firefox OR IE.
I'm probably going to assume there isn't a real 'easy' way around this without changing the way the gallery fetches images.
-
Not sure if you can do it with an ip address restriction. But try to look first for the referrer in your firewall's or other security software's settings.
-
Hi Guys,
I am newbie + no programmer. Have been using 1.4 for 10 months and now upgraded to 1.5x. You guys do a great Job here.
I have uploaded my family pics and all and want super protect. I have ajdusted the group/user settings, but can't get the .htaccess straight. I read through the forum, but didn't work. I have same issue like Shaar (The guy who started this topic).
Let me explain how my gallery is setup.
Its installed in 'i-gallery' folder under http://khanz.net/ . I created sub-domain after installation of CPG in http://khanz.net/i-gallery, but now I am using redirection from http://igallery.khanz.net to http://khanz.net/i-gallery. Luckily everything works fine as far as the the gallery is concerned.
I tried to use the .htaccess in several ways explained in the forum, it does block Hot Linking, however it blocks CPG from retrieving the images.
1st one that I tried
AuthUserFile /dev/null
AuthGroupFile /dev/null
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://www.mysite.com.* [NC]
RewriteCond %{HTTP_REFERER} !^http://mysite.com.* [NC]
2nd one that I tried
RewriteEngine on
Rewritecond %{HTTP_HOST} !^www\.mysite\.com
RewriteRule (.*) http://www.mysite.com/$1 [R=301,L]
RewriteRule \.(jpg)$ - [F]
I have tried to place the .htacess file in http://khanz.net/i-gallery/ , in http://khanz.net/i-gallery/albums/ , and in http://khanz.net/i-gallery/albums/myalbum/ folders.
My existing .htaccess file is in /home/khanznet/public_html/, since I have wordpress installed in public_html so I didn't make any changes to that file. Not sure I should post code of that .htaccess file so left it.
Please suggest what would be the best place to save the .htaccess file for my cpg, and what would the code for either redirect to a static Angry Man pic or just blocking the Hot Linking and Index of http://khanz.net/i-gallery/albums/myalbums.
-
Add up....
Currently I'm this .htacces (from CPG FAQs), but I am not sure if its working or not.
SetEnvIfNoCase Referer "^http://www.khanz.net/" locally_linked=1
SetEnvIfNoCase Referer "^http://khanz.net/" locally_linked=1
SetEnvIfNoCase Referer "^http://igallery.khanz.net/" locally_linked=1
SetEnvIfNoCase Referer "^http://khanz.net/i-gallery/" locally_linked=1
SetEnvIf Referer "^$" locally_linked=1
<FilesMatch "\.(gif|png|jpe|jpg|JPG?g)$">
Order Allow,Deny
Allow from env=locally_linked
</FilesMatch>
I have placed it on http://khanz.net/i-gallery/albums/
-
Please have a look at that mod: http://forum.coppermine-gallery.net/index.php/topic,69397.0.html
The thread starter want to contribute a plugin soon.