[Typo3-dev] Extension and resources (images, ...) and security
Steffen Mueller
steffen at davis.kommwiss.fu-berlin.de
Thu May 13 13:35:44 CEST 2004
On 13.05.2004 12:02 Daniel Brün wrote:
> Hi Steffen!
>
> Steffen Mueller wrote:
>
>> Restrict the permissions of the /typo3conf directory with .htaccess:
>>
>> <--- snip
>> Order Deny,Allow
>> Deny from all
>> snap --->
>>
>> This will deny any user to access /typo3conf and its subdirectories.
>
>
> Exactly. And all images or other resources, which reside in those
> extension-directories can not be accessed, either.
> See the problem?
>
I see. Seems I'm a bit densed, today.
*more cautios* Just a guess:
Instead of being linked directly (or via /fileadmin, as you mentioned),
why not process images first and then deliver from typo3temp?
Reduces performance, I know... I'm thinking of a dummy transformance,
just copying images 1:1 to typo3temp, of course rename to a734672346.gif
--
cheers,
Steffen
----------------------------------------------------------
"Education is man's going forward from cocksure ignorance
to thoughtful uncertainty." (Don Clarks' Scrapbook)
----------------------------------------------------------
More information about the TYPO3-dev
mailing list