Non-Member Access

I am setting up  site for my family to use. I have restricted access to Invite Only. I discovered that if I just typed in "/photo/all/10/1" from the login page I can see all of the photos on the site without logging in or even having a profile. I have also seen that you can view profiles this way too. I turned off Friendly URLs in the Permalinks area hoping it would fix the problem but had no luck. Can anyone offer a solution? Is there real authentication security in the Dolphin app? I do not want to have pictures of my family's children accessible by just anyone.

Thanks,

Dezzy

Also make sure that the box "site is running in free mode" is unckecked; at the top of admin/settings/membership levels.

Thank you both for your replies. I really appreciate it. I have implemented both changes but they do not seem to have fixed my problem. I can still type http://www.mydomain.com/photo/all/10/1 and gain access to the photos on the the site. The same is for the porfiles. do you have any other suggestions I may not have taken into account?

Thanks,

Dezzy

I found this into you answers question:

http://www.dialme.com/articles/entry/How-to-Prevent-direct-access-to-files-and-folders

killerhaai,

This tutorial did help some. It eliminates the ability of someone to just type directly to say a media file (*.jpg) but it does not stop them from runing scripts like browse.php or blogs.php. Something I did notice however is that the link http://www.mydomain.com/blog.php givres an erroe to the user  "Your current membership (Non-member) doesn't allow you to view other members' Blog" if not logged in but the link http://www.mydomain.com/browse.php just runs the script and shows all the photos on the site.

It seems as though there are some scripts actually using the security functions and some that don't.

Any additional ideas would be greatly appreciated.

Thanks,

Dezzy