Protect sharing photo for direct url

Shared photos are not protected against direct URLs: anyone with the link can see our pictures, even if they are not registered (and that does not give me confidence). What is more, another site can link to our photos. Take the following example:

http://mysite.com/media/images/sharingImages/[1-200]_m.jpg

(it is a matter of playing with the numbers; in this example only 200)

Maybe somebody knows how to correct this issue? Our site is dolphin 6.1.4

Quote · 29 Aug 2008

go to your cpanel and turn off hotlinking then no-one can link to your images or files and steal your bandwidth

I am getting this error when I try to enable hotlink protection:

"Apache detected an error in the Rewrite config.

httpd: Syntax error on line 190 of /home/xxxxxxxxx/public_html/.htaccess.PG6_l5GYtPNCF8tP7CVUrBL0GUxopT1R: RewriteCond without matching RewriteCond section

Please try again."

What do you think the problem is?

This is my .htaccess file

<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from 72.37.237.58
deny from 209.147.127.217
deny from 64.106.212.3
deny from 207.249.0.39
deny from 61.100.0.185
deny from 75.102.21.29
deny from 82.165.253.62
deny from 212.122.200.198
deny from 61.222.167.139
deny from 204.2.183.2
deny from 62.65.159.212
deny from 61.152.188.244
deny from 66.98.214.4
deny from 216.180.239.124
deny from 209.147.127.216
deny from 216.17.101.237
deny from 74.52.133.2
deny from 89.108.67.119
deny from 67.228.37.156
deny from 195.70.36.107
deny from 85.235.153.11
deny from 202.164.225.11
deny from 70.85.102.132
deny from 66.218.77.68
deny from 203.146.102.38
deny from 72.9.246.154
deny from 66.113.100.51
deny from 79.180.146.69
deny from 193.34.16.75
deny from 72.36.159.108
deny from 216.127.94.127
deny from 83.170.74.164
deny from 213.186.38.21
deny from 207.210.91.2
deny from 67.228.181.76
deny from 202.221.143.111
deny from 64.15.136.210
deny from 203.157.185.8
deny from 200.149.77.40
deny from 217.172.29.12

Options -MultiViews

<IfModule mod_rewrite.c>

RewriteBase /
RewriteRule ^articles/{0,1}$   articles.php [QSA,L]
RewriteRule ^articles/entry/([^/.]+)/{0,1}$   articles.php?action=viewarticle&articleUri=$1 [QSA,L]
RewriteRule ^articles/entry/{0,1}$   articles.php?action=viewarticle&articleUri=$1 [QSA,L]
RewriteRule ^articles/category/([^/.]+)/{0,1}$   articles.php?action=viewcategory&articleCatUri=$1 [QSA,L]

RewriteRule ^news/{0,1}$  news.php [QSA,L]
RewriteRule ^news/([^/.]+)/{0,1}$  news.php?newsUri=$1 [QSA,L]

RewriteRule ^blogs/{0,1}$   blogs.php [QSA,L]
RewriteRule ^blogs/all/([0-9]+)/([0-9]+)/{0,1}$  blogs.php?page=$2&per_page=$1  [QSA,L]
RewriteRule ^blogs/top/{0,1}$   blogs.php?action=top_blogs [QSA,L]
RewriteRule ^blogs/top/([0-9]+)/([0-9]+)/{0,1}$   blogs.php?action=top_blogs&page=$2&per_page=$1 [QSA,L]
RewriteRule ^blogs/top_posts/{0,1}$   blogs.php?action=top_posts [QSA,L]
RewriteRule ^blogs/tag/([^/.]+)/{0,1}$   blogs.php?action=search_by_tag&tagKey=$1 [QSA,L]
RewriteRule ^blogs/tag/{0,1}$   blogs.php?action=search_by_tag&tagKey= [QSA,L]
RewriteRule ^blogs/posts/([^/.]+)/tag/([^/.]+)/{0,1}$   blogs.php?action=search_by_tag&tagKey=$2&ownerName=$1 [QSA,L]
RewriteRule ^blogs/posts/([^/.]+)/category/([^/.]+)/{0,1}$   blogs.php?action=show_member_blog&ownerName=$1&categoryUri=$2 [QSA,L]
RewriteRule ^blogs/entry/([^/.]+)/{0,1}$   blogs.php?action=show_member_post&postUri=$1 [QSA,L]
RewriteRule ^blogs/entry/{0,1}$    blogs.php?action=show_member_post&postUri= [QSA,L]
RewriteRule ^blogs/posts/([^/.]+)/{0,1}$   blogs.php?action=show_member_blog&ownerName=$1 [QSA,L]
RewriteRule ^blogs/posts/{0,1}$   blogs.php?action=show_member_blog&ownerName= [QSA,L]
RewriteRule ^blogs/posts/([^/.]+)/([0-9]+)/([0-9]+)/{0,1}$   blogs.php?action=show_member_blog&ownerName=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^blogs/posts/([^/.]+)/category/([^/.]+)/([0-9]+)/([0-9]+)/{0,1}$   blogs.php?action=show_member_blog&ownerName=$1&categoryUri=$2&page=$4&per_page=$3 [QSA,L]

RewriteRule ^events/{0,1}$  events.php?show_events=all&action=show [QSA,L]
RewriteRule ^events/all/([0-9]+)/([0-9]+)/{0,1}$  events.php?show_events=all&action=show&page=$2&per_page=$1  [QSA,L]
RewriteRule ^events/part/{0,1}$  events.php?show_events=all&action=show [QSA,L]
RewriteRule ^events/search/{0,1}$  events.php?action=search [QSA,L]
RewriteRule ^events/search/([^/.]+)/{0,1}$  events.php?action=search_by_tag&tagKey=$1 [QSA,L]
RewriteRule ^events/my/{0,1}$  events.php?action=show&show_events=my [QSA,L]
RewriteRule ^events/new/{0,1}$  events.php?action=new [QSA,L]
RewriteRule ^events/entry/([^/.]+)/{0,1}$  events.php?action=show_info&eventUri=$1 [QSA,L]
RewriteRule ^events/part/([^/.]+)/{0,1}$  events.php?action=show_part&eventUri=$1 [QSA,L]

RewriteRule ^ads/{0,1}$  classifieds.php?Browse=1 [QSA,L]
RewriteRule ^ads/search/{0,1}$  classifieds.php?SearchForm=1 [QSA,L]
RewriteRule ^ads/my/{0,1}$  classifiedsmy.php?MyAds=1 [QSA,L]
RewriteRule ^ads/new/{0,1}$  classifiedsmy.php?PostAd=1 [QSA,L]
RewriteRule ^ads/cat/([^/.]+)/{0,1}$  classifieds.php?catUri=$1 [QSA,L]
RewriteRule ^ads/all/cat/([0-9]+)/([0-9]+)/([^/.]+)/{0,1}$  classifieds.php?catUri=$3&page=$2&per_page=$1 [QSA,L]
RewriteRule ^ads/subcat/([^/.]+)/{0,1}$  classifieds.php?scatUri=$1 [QSA,L]
RewriteRule ^ads/all/subcat/([0-9]+)/([0-9]+)/([^/.]+)/{0,1}$  classifieds.php?scatUri=$3&page=$2&per_page=$1 [QSA,L]
RewriteRule ^ads/entry/([^/.]+)/{0,1}$  classifieds.php?entryUri=$1 [QSA,L]
RewriteRule ^ads/tag/([^/.]+)/{0,1}$  classifieds_tags.php?tag=$1 [QSA,L]

RewriteRule ^photo/all/([0-9]+)/([0-9]+)/{0,1}$   browsePhoto.php?page=$2&per_page=$1 [QSA,L]
RewriteRule ^photo/gallery_top/{0,1}$  browsePhoto.php?rate=top [QSA,L]
RewriteRule ^photo/gallery_top/([0-9]+)/([0-9]+)/{0,1}$  browsePhoto.php?rate=top&page=$2&per_page=$1 [QSA,L]
RewriteRule ^photo/gallery_top/([0-9]+)/([0-9]+)/{0,1}$  browsePhoto.php?rate=top&page=$2&per_page=$1 [QSA,L]
RewriteRule ^photo/gallery_tag/([^/.]+)/([0-9]+)/([0-9]+)/{0,1}$  browsePhoto.php?tag=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^photo/gallery_tag/([^/.]+)/([0-9]+)/([0-9]+)/$  browsePhoto.php?tag=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^photo/gallery_tag/([^/.]+)/{0,1}$  browsePhoto.php?tag=$1 [QSA,L]
RewriteRule ^photo/gallery/all/([^/.]+)/([0-9]+)/([0-9]+)$  browsePhoto.php?ownerName=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^photo/gallery/all/([^/.]+)/([0-9]+)/([0-9]+)/$  browsePhoto.php?ownerName=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^photo/gallery/all/([^/.]+)/{0,1}$  browsePhoto.php?ownerName=$1 [QSA,L]
RewriteRule ^photo/gallery/([^/.]+)/{0,1}$  viewPhoto.php?fileUri=$1 [QSA,L]
RewriteRule ^photo/gallery/{0,1}$  viewPhoto.php?fileUri=$1 [QSA,L]

RewriteRule ^music/all/([0-9]+)/([0-9]+)/{0,1}$  browseMusic.php?page=$2&per_page=$1 [QSA,L]
RewriteRule ^music/gallery_top/{0,1}$  browseMusic.php?rate=top [QSA,L]
RewriteRule ^music/gallery_top/([0-9]+)/([0-9]+)/{0,1}$  browseMusic.php?rate=top&page=$2&per_page=$1 [QSA,L]
RewriteRule ^music/gallery_top/([0-9]+)/([0-9]+)/{0,1}$  browseMusic.php?rate=top&page=$2&per_page=$1 [QSA,L]
RewriteRule ^music/gallery_tag/([^/.]+)/([0-9]+)/([0-9]+)/{0,1}$  browseMusic.php?tag=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^music/gallery_tag/([^/.]+)/([0-9]+)/([0-9]+)/$  browseMusic.php?tag=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^music/gallery_tag/([^/.]+)/{0,1}$  browseMusic.php?tag=$1 [QSA,L]
RewriteRule ^music/gallery/all/([^/.]+)/([0-9]+)/([0-9]+)$  browseMusic.php?ownerName=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^music/gallery/all/([^/.]+)/([0-9]+)/([0-9]+)/$  browseMusic.php?ownerName=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^music/gallery/all/([^/.]+)/{0,1}$  browseMusic.php?ownerName=$1 [QSA,L]
RewriteRule ^music/gallery/([^/.]+)/{0,1}$  viewMusic.php?fileUri=$1 [QSA,L]
RewriteRule ^music/gallery/{0,1}$  viewMusic.php?fileUri=$1 [QSA,L]

RewriteRule ^video/all/([0-9]+)/([0-9]+)/{0,1}$  browseVideo.php?page=$2&per_page=$1 [QSA,L]
RewriteRule ^video/gallery_top/{0,1}$  browseVideo.php?rate=top [QSA,L]
RewriteRule ^video/gallery_top/([0-9]+)/([0-9]+)/{0,1}$  browseVideo.php?rate=top&page=$2&per_page=$1 [QSA,L]
RewriteRule ^video/gallery_top/([0-9]+)/([0-9]+)/{0,1}$  browseVideo.php?rate=top&page=$2&per_page=$1 [QSA,L]
RewriteRule ^video/gallery_tag/([^/.]+)/([0-9]+)/([0-9]+)/{0,1}$  browseVideo.php?tag=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^video/gallery_tag/([^/.]+)/([0-9]+)/([0-9]+)/$  browseVideo.php?tag=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^video/gallery_tag/([^/.]+)/{0,1}$  browseVideo.php?tag=$1 [QSA,L]
RewriteRule ^video/gallery/all/([^/.]+)/([0-9]+)/([0-9]+)$  browseVideo.php?ownerName=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^video/gallery/all/([^/.]+)/([0-9]+)/([0-9]+)/$  browseVideo.php?ownerName=$1&page=$3&per_page=$2 [QSA,L]
RewriteRule ^video/gallery/all/([^/.]+)/{0,1}$  browseVideo.php?ownerName=$1 [QSA,L]
RewriteRule ^video/gallery/([^/.]+)/{0,1}$  viewVideo.php?fileUri=$1 [QSA,L]
RewriteRule ^video/gallery/{0,1}$  viewVideo.php?fileUri=$1 [QSA,L]

RewriteRule ^groups/all/{0,1}$ grp.php [QSA,L]
RewriteRule ^groups/entry/([^/.]+)/{0,1}$    grp.php?action=group&groupUri=$1    [QSA,L]
RewriteRule ^groups/category/([^/.]+)/{0,1}$        grp.php?action=categ&categUri=$1    [QSA,L]
RewriteRule ^groups/keyword/([^/.]+)/{0,1}$        grp.php?action=categ&keyword=$1    [QSA,L]

RewriteRule ^search/tag/([^/.]+)/{0,1}$  search.php?Tags=$1 [QSA,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule .+ - [L]
RewriteRule ^([A-Za-z0-9_-]+)$ profile.php?ID=$1 [QSA,L]

RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] - line 190
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* - [F,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule .+ - [L]
RewriteRule ^([A-Za-z0-9_-]+)$ profile.php?ID=$1 [QSA,L]

</IfModule>

Many thanks,

Stuart

There are none so blind as those that will not see.
Quote · 30 Aug 2008


Stuart  .....  check with your hosting support as that error is either contradictory or so rare no one has ever heard of it  ..... 
My best guess is there is a space there somewhere that is not escaped (preceded by \) but I can't see it if there is  ..... 
.

Quote · 30 Aug 2008

Will do, many thanks. Does the .htaccess file look OK? I know it is somewhat complicated with all the I.P. stuff in there.

Stuart


Stuart  .....  check with your hosting support as that error is either contradictory or so rare no one has ever heard of it  ..... 
My best guess is there is a space there somewhere that is not escaped (preceded by \) but I can't see it if there is  ..... 
.

There are none so blind as those that will not see.
Quote · 30 Aug 2008

You have this twice  .....

RewriteCond %{REQUEST_FILENAME} -f [OR]

RewriteCond %{REQUEST_FILENAME} -d

RewriteRule .+ - [L]

RewriteRule ^([A-Za-z0-9_-]+)$ profile.php?ID=$1 [QSA,L]


Add the following to the top of all .htaccess files for security  ..... 
# prevents access to this file
<Files .htaccess>
order allow,deny
deny from all
</Files>
# prevents browsing in directories without index file
Options -Indexes

Quote · 30 Aug 2008

This part just prevents .htaccess calls and viewing.

<Files .htaccess>      # prevents access to this file

order allow,deny

deny from all

</Files>

options -index does prevent index browsing.

If there is a duplicate I would remove duplicate entries.

But bottom line is I think you really need to switch to a suitable host that can handle dolphin. Otherwise let us know who you host with and what your php settings are as well so we are in a better position to assist you.

gameutopia

dialme.com

DialMe.com - Your One and Only Source For Boonex Dolphin Tutorials and Resources
Quote · 30 Aug 2008

Which one should I delete and where is the best place to place this code?

"

RewriteCond %{REQUEST_FILENAME} -f [OR]

RewriteCond %{REQUEST_FILENAME} -d

RewriteRule .+ - [L]

RewriteRule ^([A-Za-z0-9_-]+)$ profile.php?ID=$1 [QSA,L]

"

Stuart

You have this twice  .....

RewriteCond %{REQUEST_FILENAME} -f [OR]

RewriteCond %{REQUEST_FILENAME} -d

RewriteRule .+ - [L]

RewriteRule ^([A-Za-z0-9_-]+)$ profile.php?ID=$1 [QSA,L]


Add the following to the top of all .htaccess files for security  ..... 
<Files .htaccess>      # prevents access to this file

order allow,deny

deny from all

</Files>
Options -Indexes      # prevents browsing in directories without index file

There are none so blind as those that will not see.
Quote · 30 Aug 2008

I am with apthost.com.

I find them to be very good for Dolphin. They are actually setup to host it.

Regards,

Stuart

This part just prevents .htaccess calls and viewing.

<Files .htaccess>      # prevents access to this file

order allow,deny

deny from all

</Files>

options -index does prevent index browsing.

If there is a duplicate I would remove duplicate entries.

But bottom line is I think you really need to switch to a suitable host that can handle dolphin. Otherwise let us know who you host with and what your php settings are as well so we are in a better position to assist you.

gameutopia

dialme.com

There are none so blind as those that will not see.
Quote · 30 Aug 2008

Hey Stuart, this member apparently has a duplicated entry that is being referred to deleting. You obviously don't want to delete a single entry.

If you want to prevent .htaccess browsing you can add that. If you want to prevent index browsing add that as well. Neither are specific to the api module setup/configuration.

If you are after security and hardening see this link for some other tips and info if you haven't yet:

http://www.dialme.com/articles.php?action=viewarticle&articleID=27

And take a look at mscott's blogs when you get a chance.

This is off topic sorry folks.

gameutopia

DialMe.com - Your One and Only Source For Boonex Dolphin Tutorials and Resources
Quote · 30 Aug 2008
I have this twice:

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule .+ - [L]
RewriteRule ^([A-Za-z0-9_-]+)$ profile.php?ID=$1 [QSA,L]

Are you saying I don't need to delete the second entry?

Cheers,

Stuart

There are none so blind as those that will not see.
Quote · 30 Aug 2008

Basically if your site works without modifications then there is no need to delete a simple rewrite statement. It's what makes links work and display right. By all means if all is well don't do away with them.

If you have problems or issues with pages not displaying....404 errors or similar then we would tend to take a look at this.

Security wise has almost nothing to do with the standard boonex rewrites.

But aside from the standard boonex .htaccess code we are free to build on it and adjust it for increased security. Which I strongly suggest you and everyone else look into in your spare time.

No script is perfect. Even microsoft is not perfect you still need to upgrade and follow security. Call me a security freak I don't care, but this is one of the most important things you should monitor and follow for your dolphin site. It's not published and it does take some digging here in the forums.

If you are not sure post a forum or ask a question.

gameutopia

DialMe.com - Your One and Only Source For Boonex Dolphin Tutorials and Resources
Quote · 30 Aug 2008

RB. This code 'Options -Indexes      # prevents browsing in directories without index file' caused a server 500 error ?? The other code works great.

All the best,

stuart

You have this twice  .....

RewriteCond %{REQUEST_FILENAME} -f [OR]

RewriteCond %{REQUEST_FILENAME} -d

RewriteRule .+ - [L]

RewriteRule ^([A-Za-z0-9_-]+)$ profile.php?ID=$1 [QSA,L]


Add the following to the top of all .htaccess files for security  ..... 
<Files .htaccess>      # prevents access to this file

order allow,deny

deny from all

</Files>
Options -Indexes      # prevents browsing in directories without index file

There are none so blind as those that will not see.
Quote · 30 Aug 2008

What is the code stuart?

Do not add the ' I see in the post.

Options -Indexes

not

'Options -Indexes

This just prevents index browsing not a big security issue, but it's nice to turn it off anyway.

Should work fine for most hosts. If not depending on your setup you may have to contact your host. Php apache module, cgi, suphp, etc. All are slightly different, but as long as standard codes are used they should yield no problems. It's when you try to use php commands in .htaccess that is setup as cgi that you will have 500 errors.

gameutopia

DialMe.com - Your One and Only Source For Boonex Dolphin Tutorials and Resources
Quote · 30 Aug 2008

Stuart,

You entered an apostrophe by mistake in front of the Options -Indexes  .....  (good eye gameutopia)
That is what caused your 500 error  ..... 
Options -Indexes
NOT
'
Options -Indexes


Remove the second set of repeated entries at the bottom  ..... 
.

Quote · 30 Aug 2008

Options -Indexes - the ' was a quote not part of the pasted code!! The Option -indexes still causes a server 500 error with the above htaccess file. Sorry about the confusion.

Stuart

Stuart,

You entered an apostrophe by mistake in front of the Options -Indexes  .....  (good eye gameutopia)
That is what caused your 500 error  ..... 
Options -Indexes
NOT
'
Options -Indexes


Remove the second set of repeated entries at the bottom  ..... 
.

There are none so blind as those that will not see.
Quote · 31 Aug 2008

Options -Indexes - the ' was a quote not part of the pasted code!! The Option -indexes still causes a server 500 error with the above htaccess file. Sorry about the confusion.

Stuart,

The apostrophe will cause the 500 error though.

Try this instead:
Options +ExecCGI -Indexes

Quote · 31 Aug 2008

Getting back to the original post:

Shared photos are not protected against direct URLs: anyone with the link can see our pictures, even if they are not registered (and that does not give me confidence). What is more, another site can link to our photos. Take the following example:

http://mysite.com/media/images/sharingImages/[1-200]_m.jpg

(it is a matter of playing with the numbers; in this example only 200)

Maybe somebody knows how to correct this issue? Our site is dolphin 6.1.4

If you want to prevent directly entering this into one's web browser, this can be achieved by .htaccess for the particular folder you are speaking about.

http://mysite.com/media.com/images/SharingImages/1.jpg

and continue with 2.jpg etc. You will actually be able to see them regardless of whether dolphin is set to allow a member access to the gallery or not. As long as you know the dolphin file and folder structure it doesn't matter if you are a member or not and whether you have removed the permissions or not in your dolphin admin panel for guest access. Same with everything else in dolphin. As long as you know what you are looking for you can view anyone's files, pictures, video, you name it. Some are harder to guess than others, but in this example yes this does suck that sharedimage/gallery goes right in order. So all I have to do is keep on a going 1.jpg, 2.jpg, 3.jpg, etc. I can see them all. Same with other locations in dolphin.

This is really not a dolphin specific issue as this can be done with any script usually. As long as you know the file and folder structure you can view them all in any script even if you are not a registered member. It's just a matter of learning the structure.

For this one you can prevent direct access by creating and uploading a .htaccess with the following commands to:
yoursite.com/media/images/sharingImages/.htaccess

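AuthUserFile /dev/null
AuthGroupFile /dev/null

RewriteEngine On

# Each condition is negated (!) and the conditions are ANDed together, so the
# rule below fires only when the Referer matches none of your own hosts.
# Dots in host names are escaped so that they match a literal dot only.
RewriteCond %{HTTP_REFERER} !^http://www\.yoursite\.com.* [NC]
RewriteCond %{HTTP_REFERER} !^http://subdomain\.yoursite\.com.* [NC]
RewriteCond %{HTTP_REFERER} !^http://yoursite\.com/subfolder.* [NC]
RewriteCond %{HTTP_REFERER} !^http://yoursite\.com.* [NC]
RewriteCond %{HTTP_REFERER} !^http://www\.yoursite\.com/subfolder.* [NC]

# Every other request for a file in this folder is redirected to the home page.
RewriteRule .* http://www.yoursite.com/index.php [R,L]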


The last line, RewriteRule, is where you want to send them if they try to directly access the file. In this case the home page. So update this with your site info. Update with your site which you want to allow access by means of clickable links.

This will work on other folders too, just not ray modules module name files at present. It will work in xml inc's etc just not files.

I am wondering and testing this with rfi's too. If one tries a rfi they theoretically should be forwarded to the homepage as they wouldn't have come through the site itself, thereby doing away with a rfi direct access. This is still being tested for rfi, but certainly feel free to build on it and update us if you work on this.

gameutopia

DialMe.com - Your One and Only Source For Boonex Dolphin Tutorials and Resources
Quote · 1 Sep 2008
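
The referer rules in the post above can be checked against sample requests before the .htaccess is uploaded. This is an added example, not code from the thread: it models the negated, ANDed RewriteCond chain with Python's `re` module and compares prefix-style patterns (host followed by `.*`, as in the post) with a host-anchored variant. The sample Referer values and the anchored pattern are constructed assumptions built on the thread's `yoursite.com` placeholder.

```python
import re

# Prefix-style patterns in the style of the posted rules: scheme and host
# followed by ".*", with nothing that marks where the host name ends.
PREFIX_PATTERNS = [
    r"^http://www\.yoursite\.com.*",
    r"^http://subdomain\.yoursite\.com.*",
    r"^http://yoursite\.com.*",
]

# Tightened variant (an assumption, not from the thread): the host must be
# followed by "/", an optional ":port", or the end of the string, and both
# http and https are accepted.
ANCHORED_PATTERNS = [
    r"^https?://(www\.|subdomain\.)?yoursite\.com(:\d+)?(/|$)",
]

# Constructed sample Referer values (label, header value).
SAMPLE_REFERERS = [
    ("no Referer: typed URL or referrer stripped", ""),
    ("own gallery page", "http://www.yoursite.com/photo/gallery/1"),
    ("own site, mixed case", "http://YourSite.com/subfolder/page.php"),
    ("own site over https", "https://www.yoursite.com/photo/gallery/1"),
    ("other site embedding the image", "http://otherforum.example/thread/5"),
    ("lookalike host", "http://www.yoursite.com.example.net/page"),
]


def is_redirected(referer, patterns):
    """Model the RewriteCond chain from the post.

    Every condition is negated (!) and there is no [OR] flag, so the
    RewriteRule fires, and the request is redirected to the home page, only
    when the Referer matches none of the patterns. [NC] corresponds to
    re.IGNORECASE; a missing Referer header is evaluated as an empty string.
    """
    value = referer or ""
    return not any(re.search(p, value, re.IGNORECASE) for p in patterns)


def compare(samples=SAMPLE_REFERERS):
    """Return {referer: (redirected_by_prefix, redirected_by_anchored)}."""
    return {
        referer: (
            is_redirected(referer, PREFIX_PATTERNS),
            is_redirected(referer, ANCHORED_PATTERNS),
        )
        for _label, referer in samples
    }


def disagreements(samples=SAMPLE_REFERERS):
    """Labels of the samples on which the two rule sets decide differently."""
    result = compare(samples)
    return [label for label, ref in samples if result[ref][0] != result[ref][1]]


if __name__ == "__main__":
    result = compare()
    print(f"{'sample':45} {'prefix':>10} {'anchored':>10}")
    for label, ref in SAMPLE_REFERERS:
        pre, anc = ("redirect" if r else "serve" for r in result[ref])
        print(f"{label:45} {pre:>10} {anc:>10}")
```

The Referer header is supplied by the client, so a rule like this limits embedding from other sites and casual direct requests; per-member permissions still have to be enforced by whatever serves the file.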

Try this instead:
Options +ExecCGI -Indexes

Stuart  .....  did this work  .....  ?
.

Quote · 11 Sep 2008

Try this instead:
Options +ExecCGI -Indexes

Stuart  .....  did this work  .....  ?
.

Hello RB, No, same error.

Many thanks for your help! I'm sure it will sort itself out!!

Stuart

There are none so blind as those that will not see.
Quote · 11 Sep 2008

Strange  .....  ?

One more time then  ..... 

IndexIgnore *


Quote · 11 Sep 2008

That works gameutopia. Nice one!

Stuart

There are none so blind as those that will not see.
Quote · 11 Sep 2008

I am running suphp.exe on my server, do you think that might be causing this problem?

Strange  .....  ?

One more time then  ..... 

IndexIgnore *

There are none so blind as those that will not see.
Quote · 11 Sep 2008
 
 