Welcome to Piwigo!

I believe you need to use the "LocalFiles Editor" plugin to modify that config file. When you get to the right place, you'll see the message:

/* The file does not exist until some information is entered 
below. Once information is entered and saved, the file will be created. */

I don't think you need a plugin to do what you want. In that Local Files Editor, just add

$conf['guest_access'] = false;

and it should require logging in to see any files.

I also believe that hotlinking is not possible as the file names are hashed. But I don't know if that is true for files added the way you have done (it is for me but I only use the web uploader).

Hopefully someone more knowledgeable than I am can help you out. It's not a high volume forum, but eventually you will get an answer.

Crythes wrote:

I don't think so. You can right click on an image, select copy image address and paste it into you browser and it opens just fine.

Sorry. You are correct. It seems the file names are hashed, but you can indeed just save the link.

Might be worth to try if also

memories.mydomain.com:2113/_data/i/vault/2007/2007/BabyConnor/00011-xx.jpg

doesn't load (or whatever path the image is actually stored).

However, Piwigo is a gallery to *publish* pictures, not to lock them away behind a barb wired wall. If you can't trust even your users who do have login credentials to not pass on an image deep link, then why would you trust them to not pass on the login credentials?

Hello everyone,

I'd like to follow up on this, just because there are some points I do not completely understand. I alerady read a lot about the settings, to secure a Piwigo installation and i.php issue.

What I did so far:

- install and setting up Piwigo; setup users, store some photos
- in local conf I've set:

$conf['guest_access'] = false;
$conf['original_url_protection'] = 'all';
$conf['derivative_url_style'] = 2;

- deny access to /upload and /data/i/upload folders via .htaccess

So everything is up and working fine. Nevertheless individual pictures are accessable by everyone who knows the direct link served by i.php like it was mentioned before in several places.

First, I'm not able to say, what's the risk with that!? There was talked about "(un)guessable URLs", but storage is following a strict pattern. So I think that might be not that hard. Further consideration is, if search engines, spiders, crawlers or bots might grab the images just by trying out all URLs??

Can someone put a spotlight on the risk and chances of the i.php for me?
Maybe somebody from the team might also explain the decision to go that way for i.php!? Actually I don't understand why Piwigo have Login, User Roles, Groups and Permissions while they can be bypassed that easy way (or not that easy depending on answers to above)?
Would it be that hard to implement authentication in i.php like all other scripts seems to have? Is there a technical reason?

Regarding piwigo_privacy plugin: I also tried this, but had some struggle to get adavnced mode running. Then I recognized that Piwigo Android App doesn't wotk with the plugin. So I removed it.

I'm lookong forward to some answers.

Thanks in advance,

hbo;

Last edited by hbo; (2021-01-28 11:25:58)