Joomla Security question regarding images
Posted: Wed Nov 09, 2011 12:58 pm
Hi,
I'm facing a "task" regarding file security in Joomla CMS.
Basically it's a general security question.
I have content/articles that are only available for registered users. After login they can view them.
In those articles are images. But those images can be opened directly by entering the URL like: http://www.my_domain.com/imahes/myfolder/image.jpg
In this case those images are the most important part and they should not be accessable for pulbic.
How do you achieve this task?
By the hotlinking-htaccess-rewrite method like this? Is this safe enough?
Or by putting an htaccess into the images folder like this?
I have sort of a mental blockage in which direction to go. Surfed through the web and came to no satisfying conclusion.
Unfortunately there is no default Joomla implemenation for that.
Thanks for any thoughts and help.
I'm facing a "task" regarding file security in Joomla CMS.
Basically it's a general security question.
I have content/articles that are only available for registered users. After login they can view them.
In those articles are images. But those images can be opened directly by entering the URL like: http://www.my_domain.com/imahes/myfolder/image.jpg
In this case those images are the most important part and they should not be accessable for pulbic.
How do you achieve this task?
By the hotlinking-htaccess-rewrite method like this? Is this safe enough?
Code: Select all
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://my_domain/.*$ [NC] [OR]
RewriteCond %{HTTP_REFERER} !^http://www.my_domain/.*$ [NC] [OR]
RewriteRule .*\.(gif|GIF|jpg|JPG|bmp|BMP|wav)$ - [F]
Code: Select all
order deny, allow
deny from all
allow from localhost
Unfortunately there is no default Joomla implemenation for that.
Thanks for any thoughts and help.