Prevent downloads from media folders in Magento

Are there any new methods to prevent someone directly downloading a media file if they know the folder path to it on the server? I know there never used to be, but wondered if anything new to this end 开发者_如何学JAVAhad cropped up in the last couple of years?

Or maybe I missed something before and this was always possible??

My Magento 1.4.0.1 store has tons of images, a lot of which I have put a lot of woork into. I am using the Magento watermarking system, which works fine, but if you know the direct file system path to the image, you get served the original, non-watermarked image.

I'd like to stop that if possible?

Cheers!

The solution to this is to deny access to those folders via .htaccess. One of the bad habits that PHP leaves us with is putting everything inside of the web root, which as you say allows people to access individual files out of context of the website itself. However, you can place a file in any folder you like called .htaccess to block that access. The contents of the file should look something like this:

Order deny,allow
Deny from all  

Note that this will still allow PHP to access the files to generate new thumbs, but will disallow all browser access to the files.

Hope that helps!

Thanks, Joe

Would watermarking your images beforehand be an acceptable solution for you? You'll also save some cycles in the process. A simple Google search turned up some links to free (as in beer) watermarking tools. I haven't tested any of those, though.