Hello,
I have setup a private image gallery using modules image,
image_gallery_access, acl and views.
Access control is working well for nodes. But...
Knowing the url to the image files of a "private" gallery, it is possible to
access images directly, ignoring any rules for node access! This is
undermining my efforts to secure private content.
What would be the best way to deny access to the files/images directory?
I suppose the directory should contain a .htaccess file, but how about its
content?
TIA
Marco