Avoid direct-linking to images |
[eluser]veledrom[/eluser]
Hi, Code: $file_content = file_get_contents('web/docs/hello.pdf'); If anyone knew this part 'web/docs/hello.pdf', they would have direct access to it but thank to force_download() which helps us to avoid direct-linkers. Now, I want to display pictures on my site and want to avoid direct-linking. Is there any particular way of doing it CI? 'web/img/image.png' part shouldn't be visible to anyone if they check source code in browsers. I have this as my htaccess in root: Code: RewriteEngine on Thanks
[eluser]Anonymous[/eluser]
There is really no good reason to hide this. You still want the browser to be able to see it don't you ? In case you want to prevent hotlinking i suggest you filter on http referer (do this on your apache server). Another way would be to serve all images through a controller. Generate a hash when the page is created, and let it expire after an hour or so. Code: <img src="/web/imageController/image.png/thehashjustgenerated" /> When a image is requested on the controller let the controller check if the hash is valid and serve the image.
[eluser]CroNiX[/eluser]
Don't waste resources having CI process that. Just prevent hotlinking images or whatever via htaccss. http://altlab.com/htaccess_tutorial.html
[eluser]veledrom[/eluser]
[quote author="CroNiX" date="1337892109"]Don't waste resources having CI process that. Just prevent hotlinking images or whatever via htaccss. http://altlab.com/htaccess_tutorial.html[/quote] I'll try to modify my current htaccess and see how it goes. Just an info, I did changes to my current htaccess before but no image, no css, js worked on my site. Let's see what happens this time.
[eluser]veledrom[/eluser]
Ok guys. I'll try it on Monday but one last thing. I read both htaccess tutorials (in links above) and confused me little since I have no knowledge about htaccess files. What I need is to block everyone including blank referrals and those behind proxies. Redirect them to a page in my website http://www.mysite.com/error Note: My current htaccess file allows my scripts to read css, images and js files in web folder. If blocked site wont work. Please consider this. I combined yours with mine but messed all.
[eluser]veledrom[/eluser]
I can still hot-link to the images with these modified htaccess files: Code: RewriteEngine on Code: RewriteEngine on Please help. My CI folder structure: Code: .htaccess
|
Welcome Guest, Not a member yet? Register Sign In |