How to make orig_pictures more secure ? How to make orig_pictures more secure ?
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

How to make orig_pictures more secure ?

Started by Heroe, February 16, 2009, 03:05:15 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Heroe

Hi i us last version of coppermine 1.4.20 and also watermark for my images,today one friend in my gallery send me link to thumbnail in my gallery when i saw the thumbnail i decide to try to check if my pictures are secured i change thumb_ to orig_ and i see i have access to the original picture not watermarked.
For example this is the thumbnail link ;

albums/userpics/10001/4/thumb_picture.jpg

if i change
albums/userpics/10001/4/thumb_picture.jpg 
to
albums/userpics/10001/4/orig_picture.jpg

everybody is able to see the original pictures :(

i don't want everybody to copy them :( that's why i asking if its possible to secure my original pictures somehow ???


site www.abroadbg.com
user test
pass 123654

phill104

delete the orig_ pics if you don't need them. They are only there so you can undo the watermarking if needed at a later date. If you have backups on your local machine then they are only using up server space.
It is a mistake to think you can solve any major problems just with potatoes.

Stramm

You could make use of a .htaccess file

<Files orig_*>
    Order deny,allow
    Deny from all
    Allow from localhost
</Files>

Heroe

Stramm i need to create new .htaccess file in album's folder,ore to edit to one i have in the main folder ?

@Phill Luckhurst
I want to keep my original pictures,i know if i delete them i don't have for what to worry but i don't want. :)

Stramm

both is possible...
I'd go for a htaccess in the albums folder

Heroe

I make the edits to the .htaccess file in the main folder and this did the trick but now i can't see the original files too, any chance to make them visible just for the admin ?
Thanks for the help :)

Stramm

The above htaccess makes them visible for localhost. Means for php and apps located on your server. Just use php to access the pics. Or add more IPs to the htaccess (eg. your local routers internet IP).

Could look like
    Allow from 217.12.199.1
    Allow from 217.13.14.
    Allow from localhost



Heroe

Thank you Stramm
The trick to put my IP to the .htaccess file doesn't work .

Stramm

you need to put the IP in that is visible from the web (if you use a dsl modem, then the modemsor your routers IP)

Heroe

Im not sure i understand what you saying
i guess i need to restart the router.
Thank you i will mark this topic as solved now :)

Joachim Müller

That's not what Stramm suggested. This is not related to restarting your DSL modem. If you have no idea what a public and what a private IP address is nor what NAT does, you should not fiddle with IP addresses at all. Imo, only people who really know their way around in networking should actually mess with IP addresses that way. Usually, IP address filtering doesn't make sense, since most IP addresses are being assigned dynamically anyway, i.e. they change. This being said I find the whole approach to deny access by IP very pointless.

Heroe

Ok Joachim Müller im not computer guru i  guess you can close the topic Stramm help as much he can (Thank you Stramm) Im sorry i don't  know anything about IP's and modemsoring routers,i know only my IP  :D .