I'm facing a "task" regarding file security in Joomla CMS.
Basically it's a general security question.
I have content/articles that are only available for registered users. After login they can view them.
In those articles are images. But those images can be opened directly by entering the URL like: http://www.my_domain.com/imahes/myfolder/image.jpg
In this case those images are the most important part and they should not be accessable for pulbic.
How do you achieve this task?
By the hotlinking-htaccess-rewrite method like this? Is this safe enough?
Code: Select all
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://my_domain/.*$ [NC] [OR]
RewriteCond %{HTTP_REFERER} !^http://www.my_domain/.*$ [NC] [OR]
RewriteRule .*\.(gif|GIF|jpg|JPG|bmp|BMP|wav)$ - [F]
Code: Select all
order deny, allow
deny from all
allow from localhost
Unfortunately there is no default Joomla implemenation for that.
Thanks for any thoughts and help.