Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt Monday at 02:04 PM
ProSkill Posted August 1, 2017 Posted August 1, 2017 I have an issue where anyone can see images directly if they have the image link, even if they don't have permission to view it otherwise. I think someone has figured out how to brute force images or crawl my site for them. How do I prevent guest or non-authorized users from viewing images hosted on my forum?
CP_User Posted August 1, 2017 Posted August 1, 2017 I've added this to my .HTACCESS file in my uploads directory RewriteCond %{HTTP_REFERER} !^http://mydomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://mydomain.com$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mydomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mydomain.com$ [NC] RewriteRule .*\.(jpg|jpeg|gif|png|bmp|avi|mov|wma|wmf|wmv|doc|pps|xls)$ [R,NC] Glad you brought this up as I've just tried the above and confirmed it works. If someone could check it over too to make sure it's correct.
ProSkill Posted August 2, 2017 Author Posted August 2, 2017 5 hours ago, CP_User said: I've added this to my .HTACCESS file in my uploads directory RewriteCond %{HTTP_REFERER} !^http://mydomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://mydomain.com$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mydomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mydomain.com$ [NC] RewriteRule .*\.(jpg|jpeg|gif|png|bmp|avi|mov|wma|wmf|wmv|doc|pps|xls)$ [R,NC] Glad you brought this up as I've just tried the above and confirmed it works. If someone could check it over too to make sure it's correct. That doesn't appear to work or do anything actually.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.