.htaccess or other security ideas

software development

#1

I have created my website and I don’t want people to have easy access to my images folder. I have set up a .htaccess that if a user type www.mydomain.com/images they get a message that says they don’t have access. However if they typed www.mydomain.com/images/pic1.jpg the picture will show up on the page. I only want my web pages to have access to images directory. What would be the best way to do this?

Also if the only way to disable certain keystrokes like cntl-c is to catch it in a javascript method and not let it do anything?

Thanks.


#2

See http://httpd.apache.org/docs/env.html#examples

It’s only useful for bandwidth thieves who host their own HTML but link to your images. Lots of fun to be had by using an image as a 403 error document, too.

Disabling keystrokes is rather pointless if you are concerned about someone copying stuff. The copy has already been made and anyone who intends to keep the copy knows how to do so. It might piss off your visitors if you go about trying to disable browser functionality. In my opinion, capturing keystrokes is only useful for “applications” where you want shortcuts to performing actions - such as Google Keyboard Shortcuts - http://labs.google.com/keys/index.html