Restrict access to images on my website except through my own htmls

Question

On my website I store user pictures in a simple manner such as: \"image/user_1.jpg\".

I don\'t want visitors to be able to view images on my server just by trying us

Answer 1

As has been said hotlinking protection does not protect your files from listing just by altering their id. Plus Refferer can be easily faked.

In this case I would recommend some kind of authentication. You must create PHP script that will serve images only if it verify logged user via COOKIES or SESSION. (I wouldn't recommend using md5 of user password).

Maybe you'll need some SQL table to save access permissions.

Oh and to protect your images you can just place .htaccess with

deny from all

to the images folder.