How to make orig_pictures more secure?


Started by Heroe, February 16, 2009, 03:05:15 PM


Heroe

Hi, I use the last version of Coppermine, 1.4.20, and also watermark my images. Today one friend in my gallery sent me a link to a thumbnail in my gallery. When I saw the thumbnail I decided to try to check if my pictures are secured. I changed thumb_ to orig_ and I see I have access to the original picture, not watermarked.
For example, this is the thumbnail link:

albums/userpics/10001/4/thumb_picture.jpg

If I change
albums/userpics/10001/4/thumb_picture.jpg 
to
albums/userpics/10001/4/orig_picture.jpg

everybody is able to see the original pictures :(

I don't want everybody to copy them :( That's why I'm asking if it's possible to secure my original pictures somehow?


site www.abroadbg.com
user test
pass 123654

phill104

Delete the orig_ pics if you don't need them. They are only there so you can undo the watermarking if needed at a later date. If you have backups on your local machine then they are only using up server space.
It is a mistake to think you can solve any major problems just with potatoes.

Stramm

You could make use of a .htaccess file

<Files orig_*>
    Order deny,allow
    Deny from all
    Allow from localhost
</Files>

Heroe

Stramm, do I need to create a new .htaccess file in the album's folder, or to edit the one I have in the main folder?

@Phill Luckhurst
I want to keep my original pictures. I know that if I delete them I have nothing to worry about, but I don't want to. :)

Stramm

Both are possible...
I'd go for a .htaccess in the albums folder.

Heroe

I made the edits to the .htaccess file in the main folder and this did the trick, but now I can't see the original files either. Any chance to make them visible just for the admin?
Thanks for the help :)

Stramm

The above .htaccess makes them visible for localhost. That means for PHP and apps located on your server. Just use PHP to access the pics. Or add more IPs to the .htaccess (e.g. your local router's internet IP).

Could look like
    Allow from 217.12.199.1
    Allow from 217.13.14.
    Allow from localhost
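
Stramm's suggestion to "use php to access the pics", as an added example that is not part of the original thread and not Coppermine's own code: a gatekeeper script that streams an orig_ file only to a gallery admin. The file name orig.php and the f parameter are hypothetical; it assumes the script sits in the Coppermine root and that the gallery's usual bootstrap defines GALLERY_ADMIN_MODE.

```php
<?php
// orig.php: added example, not Coppermine code. Place in the gallery root.
// Assumption: Coppermine's usual bootstrap defines GALLERY_ADMIN_MODE.
define('IN_COPPERMINE', true);
require('include/init.inc.php');

function deny($status) {
    header('HTTP/1.1 ' . $status);
    exit;
}

// Only a logged-in admin in admin mode gets past this point.
if (!GALLERY_ADMIN_MODE) {
    deny('403 Forbidden');
}

// Hypothetical parameter "f": path relative to albums/, e.g.
// orig.php?f=userpics/10001/4/orig_picture.jpg
$base = realpath(dirname(__FILE__) . '/albums');
$rel  = isset($_GET['f']) ? (string) $_GET['f'] : '';
if ($base === false || strpos($rel, "\0") !== false) {
    deny('404 Not Found');
}
$path = realpath($base . '/' . $rel);

// realpath() resolves ".." and symlinks; reject anything that ends up
// outside albums/ or whose file name does not start with orig_.
if ($path === false
    || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0
    || strpos(basename($path), 'orig_') !== 0
    || !is_file($path)) {
    deny('404 Not Found');
}

// Serve only real images, with the type taken from the file content.
$info = @getimagesize($path);
if ($info === false) {
    deny('404 Not Found');
}

header('Content-Type: ' . $info['mime']);
header('Content-Length: ' . filesize($path));
header('X-Content-Type-Options: nosniff');
header('Cache-Control: private, no-store');
readfile($path);
```

readfile() reads the file from disk rather than requesting it over HTTP, so the script keeps working while the `<Files orig_*>` block denies every web request for those files.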



Heroe

Thank you Stramm
The trick to put my IP in the .htaccess file doesn't work.

Stramm

You need to put in the IP that is visible from the web (if you use a DSL modem, then the modem's or your router's IP).

Heroe

I'm not sure I understand what you're saying.
I guess I need to restart the router.
Thank you, I will mark this topic as solved now :)

Joachim Müller

That's not what Stramm suggested. This is not related to restarting your DSL modem. If you have no idea what a public and what a private IP address is nor what NAT does, you should not fiddle with IP addresses at all. Imo, only people who really know their way around in networking should actually mess with IP addresses that way. Usually, IP address filtering doesn't make sense, since most IP addresses are being assigned dynamically anyway, i.e. they change. This being said I find the whole approach to deny access by IP very pointless.

Heroe

OK Joachim Müller, I'm not a computer guru. I guess you can close the topic. Stramm helped as much as he can (thank you Stramm). I'm sorry I don't know anything about IPs and modemsoring routers, I know only my IP :D