Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted August 1, 20177 yr I have an issue where anyone can see images directly if they have the image link, even if they don't have permission to view it otherwise. I think someone has figured out how to brute force images or crawl my site for them. How do I prevent guest or non-authorized users from viewing images hosted on my forum?
August 1, 20177 yr I've added this to my .HTACCESS file in my uploads directory RewriteCond %{HTTP_REFERER} !^http://mydomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://mydomain.com$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mydomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mydomain.com$ [NC] RewriteRule .*\.(jpg|jpeg|gif|png|bmp|avi|mov|wma|wmf|wmv|doc|pps|xls)$ [R,NC] Glad you brought this up as I've just tried the above and confirmed it works. If someone could check it over too to make sure it's correct.
August 2, 20177 yr Author 5 hours ago, CP_User said: I've added this to my .HTACCESS file in my uploads directory RewriteCond %{HTTP_REFERER} !^http://mydomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://mydomain.com$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mydomain.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http://www.mydomain.com$ [NC] RewriteRule .*\.(jpg|jpeg|gif|png|bmp|avi|mov|wma|wmf|wmv|doc|pps|xls)$ [R,NC] Glad you brought this up as I've just tried the above and confirmed it works. If someone could check it over too to make sure it's correct. That doesn't appear to work or do anything actually.
Archived
This topic is now archived and is closed to further replies.