如何保护您的Images文件夹? [英] How to protect your Images folder?
问题描述
注意,不要停止捕获单个显示的图像,而是停止下载
整个图像目录。
(在我的网站上你会做一个搜索,并获得一些缩略图,这些可以是
逐一放大)。
本主题似乎很频繁。
有些人说你在任何情况下都不能保护你的图像,其他人似乎有b / b
来预防解决方案。
有人说上传到你的网络服务器的所有东西都可以被删除,其他人
设法隐藏文件。
据我所知,到目前为止,我有一个想法,以下可能有效。
请指导我!
我的网站提供商给了我一个有Root文件夹的空间,下面是
WebSiteRoot,其中包含我的网站。 Root文件夹不应该是Web用户可用的
。我在那里放了我的Access DB(通过
ODBC访问)。我有FTP访问这个空间。
所以,我想将我的Image文件夹放在Root文件夹中,并让我的提供者
使它成为一个IIS中的虚拟目录,带有别名,并且没有浏览
permissons(我希望这不会阻止我在我的FTP程序中看到它...),
但写下允许(我上传到它),阅读许可(网上获取
图像),并启用Anonymous Access。
然后我可以使用
Alias名称从我的网站内部引用此虚拟目录。
在IMG SRC中,您可能会看到(别名)URL虚拟目录,但外部用户无法访问它。
这可以阻止用户从我的Image文件夹下载任何图像吗?
即使他们正在使用某种ripoff实用程序?
(或者我应该更进一步,ADO将图像流式传输到
htm-page通过AS P页面是为了完全隐藏URL吗?)
(而且,如果ASP页面对浏览器不可见 - 我可以隐藏我的
图像通过将我的.jpg文件重命名为.asp文件? - 我的意思是,浏览器很高兴
显示图像,即使它被称为.asp)。
谢谢
拉里
LarryM于2003年8月4日在microsoft.public.inetserver.asp.general中写道:NB ,不要停止捕获单个显示的图像,而是停止下载整个图像目录。
你可以随时欺骗一些人
你可以欺骗所有人一段时间
但是......
任何可以下载到浏览器中的东西都可以被复制。 />
所以保持你的asp站点上的所有目录不可浏览是必要的但是
最后安全明智无用。只有你没有下载的图像文件和
给出一个不可思议的名称是相对安全的。但是,有什么用?
还有网站上的那些?
-
Evertjan。
荷兰。
(请在我的电子邮件地址中将x''更改为点数)
2003年8月4日17:02:23 GMT," ; Evertjan"。 <前************** @ interxnl.net>写道:
LarryM于2003年8月4日在microsoft.public.inetserver.asp.general写道:NB,不要停止捕获单个显示的图像,但是要停止下载整个图像目录。
任何可以下载到浏览器中的内容都可以复制。
我不要与此相反......
也许我不清楚。
问题是这样显示的图像文件是否可以直接下载
来自目录?
Larry
LarryM于2003年8月4日在microsoft.public上写道。 inetserver.asp.general:
2003年8月4日17:02:23 GMT,Evertjan。
< ex ******** ******@interxnl.net>写道:
LarryM在2003年8月4日写的
microsoft.public.inetserver.asp.general:NB,不要停止捕获单个显示的图像,但停止下载整个图像目录。
可以下载到浏览器中的任何东西都可以复制。
我不反驳..
也许我不清楚。
问题是这样显示的图像文件是否可以下载
直接从目录?
是的,如果你知道它的名字。
你可能会阻碍通过使用查看
引用者名称的.asp中间文件,但是一旦在浏览器中显示,它在
客户端临时文件中有一个副本。
-
Evertjan。
荷兰。
(请将x''es更改为我的电子邮件地址中的点数)
Hi,
NB, not to stop capturing the single displayed Image, but to stop downloading
the entire image directory.
(In my Website you will do a search, and get some thumbnails, and these can be
enlarged one by one).
This topic seems to be frequent.
Some says that you under no circumstances can protect your images, others seem
to have preventing solutions.
Some says that everything uploaded to your web server can be taken down, others
manage to hide files.
As far as I understand so far I have an idea that the following might work.
Please guide me!
My Web provider has given me a space which has a Root folder, and below it is
the WebSiteRoot, which contains my website. The Root folder should not be
available for Web users. There I for instance put my Access DB (accessed through
ODBC). I have FTP access to this space.
So, I would like to put my Image folder in the Root folder, and have my Provider
make it a Virtual Directory in IIS, with an Alias name, and with No Browse
permissons (I hope that does not stop me from seeing it in my FTP program...),
but Write permisson (for me to upload to it), Read permisson (for the Web to get
the images), and with Anonymous Access set off.
Then I can refer to this Virtual Directory from inside my Website, using the
Alias name.
And in IMG SRC you may see the (alias) URL to this Virtual Directory, but an
outside user should not be able to access it.
Could this stop a user from downloading any images from my Image-folder?
Even if they are using some sort of ripoff utility?
(Or should I have to take a step further and ADO stream the image to the
htm-page through an ASP page in order to hide the URL completely?)
(And also, IF the ASP pages are invisible to the browser - could I hide my
images by renaming my .jpg-files to .asp-files? - I mean, the browser gladly
displays the image even if it is called .asp).
Thanks
Larry
解决方案LarryM wrote on 04 aug 2003 in microsoft.public.inetserver.asp.general:NB, not to stop capturing the single displayed Image, but to stop
downloading the entire image directory.
you can fool some people all the time
you can fool all people some time
but ....
Anything that is downloadable into the browser can be copied.
So keeping ALL directories on your asp site non browsable is imperative but
finally security wise useless. Only image files you do not download and
give a unguessable name are relatively safe. However, what is the use
having those on site anyway?
--
Evertjan.
The Netherlands.
(Please change the x''es to dots in my emailaddress)
On 04 Aug 2003 17:02:23 GMT, "Evertjan." <ex**************@interxnl.net> wrote:
LarryM wrote on 04 aug 2003 in microsoft.public.inetserver.asp.general:NB, not to stop capturing the single displayed Image, but to stop
downloading the entire image directory.
Anything that is downloadable into the browser can be copied.
I don''t contradict that..
Maybe I was unclear.
The question is if an imagefile displayed in this way is downloadable directly
from the directory?
Larry
LarryM wrote on 04 aug 2003 in microsoft.public.inetserver.asp.general:
On 04 Aug 2003 17:02:23 GMT, "Evertjan."
<ex**************@interxnl.net> wrote:LarryM wrote on 04 aug 2003 in
microsoft.public.inetserver.asp.general:NB, not to stop capturing the single displayed Image, but to stop
downloading the entire image directory.
Anything that is downloadable into the browser can be copied.
I don''t contradict that..
Maybe I was unclear.
The question is if an imagefile displayed in this way is downloadable
directly from the directory?
Yes, if you know it''s name.
You could hinder that by using an .asp intermediate file that looks at the
referrer name, but once displayed in a browser, it has a copy in the
clients tempfiles.
--
Evertjan.
The Netherlands.
(Please change the x''es to dots in my emailaddress)
这篇关于如何保护您的Images文件夹?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
