1

I have implemented an htaccess code very much like the one asked here: (htaccess) How to prevent a file from DIRECT URL ACCESS?

This solution works quite well to address the link OP's question, but I am looking to take it one step further.

My code currently:

  • redirects direct-accessed images to a "don't do that!" page
  • allows apache to serve the image (i.e. the page displays as it should)
  • allows viewing and download of the image using the developer console

My question is: How do we prevent that last point: the downloading of images from the developer console? Is this possible?

I am using the Safari console, but I expect that other browsers allow similar access. The solution is surely server-side.

enter image description here

Please let me know if I have omitted any crucial information and I shall provide it posthaste!

Note:

In the comments below, Any Moose and I discuss watermarking the images and only releasing the non-marked images to paying subscribers. This does not prevent a malicious subscriber from console-scraping (let's call it) after they have paid, and then sending their downloaded images to others.

Parapluie
  • 714
  • 1
  • 7
  • 22
  • Just FYI, you'll never be able to stop screen captures... – Any Moose Aug 20 '18 at 17:36
  • 1
    @Any Moose That's understood by myself and the client. The site offers (very) high-res imagery as its product, however the full resolution only works when zoomed into a detail view. So screen captures are annoying, but not a huge issue. I'm checking about the php check. – Parapluie Aug 20 '18 at 17:57
  • @Any Moose I just tested the site "http://coloring-4kids.com" as the author answers the question you link to in your comment. They claim to use the referral system, and I still have access to the full-size image in my developer console. :-( – Parapluie Aug 20 '18 at 18:06
  • dang. i was hoping the php option would block it – Any Moose Aug 20 '18 at 18:11
  • i'll look some more – Any Moose Aug 20 '18 at 18:11
  • maybe just watermark view-able images and send the users to secure ftp to download real images – Any Moose Aug 20 '18 at 18:18
  • @Any Moose Thank you for the good ideas. The watermark may work. I was hoping to use something more elegant, for sales reasons, but if I restrict the sample images to only a few, watermarking may not even be necessary. I would still like to know if console access can be restricted though: there are a few naughty developers out there :-) – Parapluie Aug 20 '18 at 18:21
  • nothing i found could block access to the inspector console, lots of articles about blocking right-click save – Any Moose Aug 20 '18 at 18:22
  • I kinda like the watermark because it lets the content out to the world for others to see and envy over...! – Any Moose Aug 20 '18 at 18:25

0 Answers0