Hi Liviu,

I've just tried that but it doesn't seem to be working (or I'm doing it wrong)...
I added a .htaccess file to the directory where my original photos reside with:

Order Deny,Allow
Deny from all

in it.

An example photo can be seen here: http://www.russellphotography.net/sandy-beach
You should be able to view this image on its own at this URL: http://www.russellphotography.net/system/files/styles/large/private/photos/Panda/sandy_beach_07.jpg

This is all good, but it then seems you can still edit the URL to view the original photo: http://www.russellphotography.net/system/files/photos/Panda/sandy_beach_07.jpg
Shouldn't that last, non-image styled URL be protected by the .htaccess file? ('cause that's what I'm wanting to accomplish...)

Please advise what I'm doing wrong.

On 02/10/11 01:04, Liviu Nicolicioiu wrote:

You can use imagecache to display
images resized and place an .htaccess in the directory with the original file.

In .htaccess add:

Order Deny,Allow
Deny from all



On Sat, Oct 1, 2011 at 4:43 PM, Peter Anderson <list@panda.id.au> wrote:

Hi all,

I want to allow my users to upload photos from their digital cameras. I
will use Image Styles to resize and watermark the photos to display in
galleries, etc. I then want to prevent access to the original,
full-size, non-watermarked photos; but even using a private file system
with the directory set outside the web root folder, it seems the
original photos are still accessible if you know (or can guess) the URL...

Is there any possible way to prevent anyone accessing the original
photos, but allow full access to the image style derivatives?

--
Kind regards,
Peter Anderson.
http://panda.id.au

--
[ Drupal support list | http://lists.drupal.org/ ]

-- 
Kind regards,
Peter Anderson.
http://panda.id.au