Hackers and needing help to avoid this...

KristineDurkin79KristineDurkin79 Registered Users Posts: 29 Big grins
edited February 19, 2014 in SmugMug Customization
Sooo... I have had some major issues recently. I mainly shoot Boudoir, and the amount of failed attempts to hack my galleries has gone through the roof. Literally I have 15-30 attempts a day. So... I am trying to fix some things. Is there a way that I can have one main page, that they have to enter a password, and it opens to all the galleries (but all private with password), and then each individual gallery has a separate password? Also...is there a way I can change my nav bar, from the drop down that shows all the names of the galleries? The less they see of my clients, the better. I know...a million questions, and I am so grateful for any and all help... I am so worried that these hackers are going to get through. My website is www.m2sp.smugmug.com.

Thanks so much.
Kristine

Comments

  • tomoscotttomoscott Registered Users Posts: 92 Big grins
    edited February 19, 2014
    KristineDurkin79 wrote: »
    Sooo... I have had some major issues recently. I mainly shoot Boudoir, and the amount of failed attempts to hack my galleries has gone through the roof. Literally I have 15-30 attempts a day. So... I am trying to fix some things. Is there a way that I can have one main page, that they have to enter a password, and it opens to all the galleries (but all private with password), and then each individual gallery has a separate password? Also...is there a way I can change my nav bar, from the drop down that shows all the names of the galleries? The less they see of my clients, the better. I know...a million questions, and I am so grateful for any and all help... I am so worried that these hackers are going to get through. My website is www.m2sp.smugmug.com.

    Thanks so much.
    Kristine

    The first thing I would do, without any delay whatsoever, is make those galleries, along with the galleries of all your family clients, either unlisted or private. Right now, they appear to be wide open to anyone on the internet. If I were one of your clients, I would be none to pleased about that.

    Go to each gallery, and make it either unlisted or private until you can figure things out. Secure your clients' privacy FIRST, then figure out how to make it more user friendly.

    On my site, I have a Clients area on my Images menu. That has the name of each client, but after that, a password is required to get to the galleries for each client. Each client is a folder which requires a password, and each gallery requires a password. One big downside of this way of organizing is that it appears there is no "flow-through" of the password, so you have to enter it once to get into the folder, and another time to get into the gallery.

    Another way to handle this would be to make the client folder non-public. This will add some characters to the end of the gallery name, so you would have to give the link to each client, so that they could find it. In my experience, people lose information like this, which is why I didn't opt for this route.
    My Site: tomoscott.com
    Instagram Twitter Facebook
  • AllenAllen Registered Users Posts: 10,013 Major grins
    edited February 19, 2014
    Give your client landing page (top folder) a password. Then each client gallery a different PW. If the client
    is a sub-folder place their password on it but everything underneath leave the PW blank. The PW will flow
    down but only if everything below has blank PW's.
    Al - Just a volunteer here having fun
    My Website index | My Blog
  • DanCarl97DanCarl97 Registered Users Posts: 139 Major grins
    edited February 19, 2014
    Allen wrote: »
    Give your client landing page (top folder) a password. Then each client gallery a different PW. If the client
    is a sub-folder place their password on it but everything underneath leave the PW blank. The PW will flow
    down but only if everything below has blank PW's.

    Yup, this is exactly what we do. We have a "Secure Area" password and then each client (a sub-folder) has another password individual to them. Any galleries within those folders have no password as they are protected by the folder's password.
    - Dan, Studying At College To Enter Science or Programming Field.

    Mel Jones Photography Ltd.
    School and Nursery Photographer working in Blackpool and Lancashire, UK.
    Google+ Page / Local | Facebook Page
  • pilotdavepilotdave Registered Users Posts: 785 Major grins
    edited February 19, 2014
    KristineDurkin79 wrote: »
    Sooo... I have had some major issues recently. I mainly shoot Boudoir, and the amount of failed attempts to hack my galleries has gone through the roof. Literally I have 15-30 attempts a day. So... I am trying to fix some things. Is there a way that I can have one main page, that they have to enter a password, and it opens to all the galleries (but all private with password), and then each individual gallery has a separate password? Also...is there a way I can change my nav bar, from the drop down that shows all the names of the galleries? The less they see of my clients, the better. I know...a million questions, and I am so grateful for any and all help... I am so worried that these hackers are going to get through. My website is www.m2sp.smugmug.com.

    Thanks so much.
    Kristine

    Use strong passwords and ignore the warnings. These aren't sophisticated attacks. They're just people wondering if you're using weak passwords. You could make things as complicated as you want with unlisted galleries and multiple layers of passwords. If that works for your needs, great. But it also makes it tough for clients to get in. All depends on how important it is to keep even the existence of the images a secret.

    Dave
Sign In or Register to comment.