how I can prevent browse of my images folder

[isaac_cm]

I have my site online now and I worried about hacks so I should prevent direct access to my images folder , I tried to use .htaccess and it work but since my home page and my templates use images in this folder , now every one try to visit my site will be prompt for user/pass

I was told I have to move my /images folder outside my root folder , for example my root folder is "root" so I have to move images outside "root" and write script to make the images refer correctly to the new place

the problem I do not know what should I do, I know php but I need only highlight steps

thanks

[haaglin]

You can put an empty index.html file in you directory. then all they see is a blank page.

[fert]

chmod

[mcmuney]

I use an index file that redirects to my homepage.

[isaac_cm]

index is very good solution, fert can you please tell me what permission I have to set , in the same time I want my images to be displayed in the home page

thanks

[The Little Guy]

place this file in the directories folder, and tell me how it works.
filename: [b].htaccess[/b]
[code]<Files ~ "^.*\.([Jj][Pp][Gg])">
Order allow,deny
Deny from all
Satisfy All
</Files>[/code]

[isaac_cm]

I sill able to list images

[The Little Guy]

Try this:

http://www.javascriptkit.com/howto/htaccess7.shtml

[isaac_cm]

where sould I place the following command
Redirect /olddirectory http://yoursite.com/newdirectory/

in the index.html or .htaccess

thanks

[isaac_cm]

place [b]IndexIgnore *[/b] work but any one can right click on the picture and get the url of this pic and use it or even save it

for example http://www.domain.com/images/mypic.gif
still could be access

[SharkBait]

If you manage to block them from getting into your images directory, you could then use .htaccess and an Apache Mod_rewrite and block hotlinking to the images.

I don't have my sample of denying hot-linking of images/pdfs because my server is currently down until I go in tomorrow to turn it on.

[isaac_cm]

thanks SharkBait I am willing to see your example

[isaac_cm]

I used .htaccess to prevent hot link to any of my images, but I need to link to some of my images that I want to place in my newsletter emails I send to my customers

what should I do ?

[JasonLewis]

i would just do wat was mentioned before and place a blank or add some error text in an index.html. thats what IPB does.

[isaac_cm]

it seems that there is no solution for this security problem

In case someone subscribe to my newsletter and receive email from me  he will simply will right click on the image and know the link to my site logo so he can use this link and send emails to my customers to fraud them as it was from me

any idea ?