I had a question or two, and I thought if I used a nice generic title it could be bumped by other seekers of knowledge.
My question is regarding .htaccess… I used it to protect a folder with my sounds in it, but the sounds were to be called from a page one level up from the protected folder. When accessing the .html it couldn’t call up the image from the protected folder. I didn’t think that .htaccess would prevent my own server from reading the files… Changing the chmod of the folder had the same effect. What is the most appropriate way to go now?
To restate, I need the files images, includes etc to be able to be called by the index-page etc, but for the users not to be able to fill the path to those files into their location bar and get at them that way. Ya with me? Ideas and advice please.
Your server isn’t reading the files. It’s doing it’s job and serving it to the client (i.e the user’s browser). I don’t believe there’s any way you can display an image on a web page without the user being able to grab it; even if you disable right-click menus and the view source menu, the user can still save a copy of the web page including the images and grab them from that. If the user can view the source for the page, they can grab the image that way.
Or are you suggesting that you don’t mind the user being able to grab the image so long as they can’t call it directly? If so, why?
Mainly my own curiosity, partially as a way to prevent people from, for example crosslinking to files and stealing my bandwidth.
The personal curiosity is the main one though.
Another thought I had was to in some way cryptify the filenames, but I haven’t put too much thought into that one yet…
Banning deep-linking to images is something many ISPs and webhosts do themselves; I’d recommend contacting your host to get their technical advice on that one. The problem you’ll face is that the HTML source for your web page is generally going to have to show the address of images displayed on that page.