hi
http://piwigo.org/releases/2.5.0#protection
GOPIWI wrote:
is this FAQ entry still relevant then? I see no mention of $conf['original_url_protection'] there, so how does this relate?
as it's written it's about the hot-linking and the 2.4 update
Offline
Hi,
flop25 wrote:
http://piwigo.org/releases/2.5.0#protection
ah, ok, it´s hidden in the release notes, ok, thanks! Should go into the installation docs!
as it's written it's about the hot-linking and the 2.4 update
yes, as is written, right you are! The question was: how does this relate?
I guess, the information in this FAQ entry is obsolete for 2.5 then? If yes, this should be marked somehow. If not, ok, then the answer is "no relation at all".
We hit a wall here with the documentation concept: there is no clear differentiation between versions - but I will write this as a request to a separate thread to keep on topic here.
Thanks for the hint and for your attention,
have a nice day,
John
Offline
Hi
we recruit voluntaries for improving the English wiki, because unfortunately that's a bit too frenchy project ^^, so if you want
Offline
Hi,
I just learned that piwigo supports http authentication - just use
$conf['apache_authentication'] = true;
in your config.
Please read on here:
http://piwigo.org/forum/viewtopic.php?p … 02#p145502
Have a nice day,
John
Offline
I'm using a fresh install of Piwigo 2.5.3. I've created 'local/config/config.inc.php', and inserted the following:
<?php $conf['original_url_protection'] = 'all'; ?>
However, when I inspect the HTML, the img tag src attributes are still pointing directly to the files ('_data/...') and not to 'action.php?'. I've also tried using 'images' instead of 'all'.
I've enabled the LocalFiles Editor, and it shows the above code when loading the admin page.
Is there anything special I need to do to get this change to take effect? Thanks for any guidance you can give.
Last edited by BrightEyesDavid (2013-11-06 14:09:57)
Offline
Ah, I see. Thanks for clarifying that.
That's a shame. Assuming there's currently no way to have Piwigo use PHP-served images for generated sizes (allowing for all '_data/*' URLs to be blocked via the webserver, e.g. .htaccess), I see this as a major gap in basic security options. Are there plans to provide for this option?
Offline