Topic: Protecting images
Could you please provide some advice on properly protecting images when using Juicebox password protected gallery.
As long as the password is good enough as a strating point I would like to go a bit further and protect the conetnt from someone guesing the folder name of my password protected gallery (it's a big problem on web server with folder listning enabled) or guesing path and image file names.
As an example, please have a look at my test password protected gallery at http://andrzejwajler.pl/krzys.html
If you gues the gallery sits inside "krzys" folder then you can access the content by simply going to http://andrzejwajler.pl/krzys with no password and the web server will list all the folders and files inside. I could potentially prevent automatic folder content listning by putting custom index.php file inside each gallery folder ("krzys" in this case) but there is still possibility someone could gues the name of the image files and just go directly to http://andrzejwajler.pl/krzys/images/IMG_8930.jpg.
Is there any solution you could recommend to make the gallery and images inside more secure?
I gave a try and put "krzys" gallery folder outside of public webserver folder and then set the config "krzys.xml" file so it looks for images in "../krzys/images/" instead of "krzys/images" but that doesn't work - I've got a juicebox loader spinner with no pictures loaded.
I'm familiar with INCLUDE or READFILE functions in PHP where I can load files that sits outside of my public webserver folder but not sure if it's possible to do something similar to load images from external (not public) location for juicebox?