Appropriate Directory Security?
Posted: Wed Dec 22, 2010 1:46 pm
I apologize for my novice questions, but you guys have been a great help!
Problem:
I have a section of the website that must be secure. I have a typical PHP login script to access the web pages within this section. Within these pages images are called and displayed, these images are what needs to be secure from outside access.
The problem is, that while the PHP login keeps those pages from being displayed without a password, it does not not prevent the images from loading if the URL for said image is directly input into the browser.
I have set up a .htaccess file for the directory, and it stops linking from other sites, but not direct linking. It also prevents access to any sort of directory view. Given that the names of the images are a very long string of generated characters, is this reasonably secure? The people viewing through passworded access I have no problem with direct linking to images, it's outsiders that I want to avoid.
Problem:
I have a section of the website that must be secure. I have a typical PHP login script to access the web pages within this section. Within these pages images are called and displayed, these images are what needs to be secure from outside access.
The problem is, that while the PHP login keeps those pages from being displayed without a password, it does not not prevent the images from loading if the URL for said image is directly input into the browser.
I have set up a .htaccess file for the directory, and it stops linking from other sites, but not direct linking. It also prevents access to any sort of directory view. Given that the names of the images are a very long string of generated characters, is this reasonably secure? The people viewing through passworded access I have no problem with direct linking to images, it's outsiders that I want to avoid.