Gallery 2.3 private Use
|
ManChro
Joined: 2009-09-10
Posts: 5 |
Posted: Thu, 2009-09-10 18:48
|
|
Hi, i install Gallery 2.3 on a Webserver. I want to use the Gallery 2.3 for private family photos. Is it possible to configure Gallery 2.3, that only members who are registred and in group "family" can see photos? I found no option. Thanks! Sorry for my english! |
|
Posts: 16503
From the main page, click Edit Permissions. Remove the permissions for Everybody and add the group Registered Users to be able to view the items. If you need more detailed help, just ask.
____________________________________________
Like Gallery? Like the support? Donate now!!! See G2 live here
Posts: 6
hello,
don't forget to protected the directory to forbid the directory commande (index of) by using
the right .htaccess (Options -Indexes) at the root of the site.
don't forget to that every photo are accessible to the world with the complete URL (without using
a .htaccess giving permission via login/password)
so for private album, i use a long and complex name for the directory to prevent people to guess it.
by example : the people autorised to album private1 can read the url of every photo of that album,
but they can't guess the name of directory for the album private2 wich they are not autorised to see) if you
don't name it private1, private2, etc...
--
katarn.over-blog.com
Posts: 16503
Not with G2 if you follow our advice and put g2data above your webroot. Then people can only access images through Gallery. You can also enable hot link protection. No need to use HTTP Authentication.
Simply don't give the people who have permission to view private1, the permission to view private2. Sounds like you're not letting the software do the work for you and you've made this a lot more complex than needed
If you set and use permissions correctly they wouldn't even be able to see or access private2.
____________________________________________
Like Gallery? Like the support? Donate now!!! See G2 live here
Posts: 6
by gallery, it is right. but by a direct URL, all photo are accessibles for the world (but only with the complete URL)
i use groups and members to autorize or not people to see albums. I have no problem with that.
a situation :
a member is autorized to private1 but not to private2. (autorized to see all versions of image)
He looks at the photo photo1.jpg of private1 and looks at the properties of the file. He sees "xxxx\G2_data\albums\private1\photo1.jpg"
He can try to read "xxxx\G2_data\albums\private2\photo1.jpg" directly by puting the url, on the browser.
(he can guess : "private1 for me so private2 for other ?" and try randomly urls.
is-it possible to prevent that ? I'm not sure without http authentification.
for me, the only solution is to give impossible to guess name of directory.
maybe I'm wrong......
I hope to be clear (english is not my native language...)
Posts: 6
In other word, is-it possible under Gallery to prevent the display of the direct URL of a photo ?
katarn.over-blog.com
Posts: 16503
That's why you do not put g2data into a web accessible directory. First NO URL ever has your g2data directory listed. So someone would have to know where it's at to begin with if you are not following our advice and putting it above your webroot. As long as g2data is not in a web accessible directory, all photos have to be requested through G2. Even if you put g2data below your website, you can still enable hot link protection either using G2's URL Rewrite or by adding such rules to an .htaccess file.
In G3 it's a little different. The directory photos are in is web accessible and has to be, but if you edit permissions to prevent guests from viewing them, they cannot be linked to directly either.
We've thought about this, a lot, and it works very well for both G2 and G3.
There is absolutely no need at all to use HTTP Authentication in either G2 or G3 to protect your images. You can just create user accounts and edit permissions appropriately.
In G2 if you have placed your g2data directory into a web accessible directory you can follow this guide to move it:
FAQ: How can I move my storage folder to another path?
In short, yes. Try hot-linking to one of my photos on my site. You can't, and all I've done is install G2 per our instructions and use the URL Rewrite module. You can even allow hot-linking yet watermark those photos if you'd like.
____________________________________________
Like Gallery? Like the support? Donate now!!! See G2 live here
Posts: 6
sorry but i'm a beginner in web developpement.
For your site, i can read the url for the photo, by example :
http://photos.kevinnehls.com/d/9393-2/mmm_beer_001.jpg
or
http://photos.kevinnehls.com/d/458-5/IMG_3281.JPG
the direct url of theses photos are accessible, is't it ?
what do you call a "web accessible directory" ?
for my site, there is the tree :
/photo/g2data/albums
my host forbid to change the acl of the directory.
(permissions are drwxr-xr-x for all directory)
Posts: 16503
Close your browser, clear you cache (temporary internet files) then try clicking on those links
Aside from you getting a 403 on the direct links
First, those are just links, you did not hot link to the image, nor is that an actual link to the image. I can't even show you an example of an actual link to those images because all requests go through Gallery. My g2data directory is not under photos.kevinnehls.com and you can't access it.
Both of those are are still going through Gallery for the request and all I have to do is go into Gallery and change permissions and you can't access them
No need for HTTP Authentication.
www.example.com/photo/g2data <- that is web accessible
The system path to that might be /var/example.com/www/photo/g2data
/var/example.com/g2data would then not be web accessible.
Another example:
www.example.com/photo/g2data
/home/public_html/photo/g2data
/home/g2data <- Not web accessible
____________________________________________
Like Gallery? Like the support? Donate now!!! See G2 live here