HELP! My photos aren't safe
Rikki
Registered Users Posts: 38 Big grins
Ok. So I decided to google my name - Rikki Dy-Liacco. Then I clicked on images. Then I noticed that some of my thumbnails from my SmugMug account showed up. I'm thinking, "Hey cool".
Well not quite. Digging deeper into the images and the original source of images, I realized that someone somehow had founf a way to hack into my site thus exposing the original files. You can see the hacked link here:
http://www.rdy-liacco.com/hack/feed.mg?Type=gallery&Data=3537853_Nmr8H&format=rss200
Any thoughts? I would hate to think that these images are floating out there for someone to steal.
Thanks.
Rikki
Well not quite. Digging deeper into the images and the original source of images, I realized that someone somehow had founf a way to hack into my site thus exposing the original files. You can see the hacked link here:
http://www.rdy-liacco.com/hack/feed.mg?Type=gallery&Data=3537853_Nmr8H&format=rss200
Any thoughts? I would hate to think that these images are floating out there for someone to steal.
Thanks.
Rikki
0
Comments
If you don't want your originals accessible, you need to set the gallery option 'Largest Size' to something other than 'Original'.
Cheers,
David
SmugMug API Developer
My Photos
You can set whatever maximum size you want available on the web and the original size is safely stored away at Smugmug and used for prints that people order, regardless of that setting. So, you could set the maximum size to L or XL and that's all that a web viewer could ever see, but if they ordered a print, that print would be made from your original.
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
What you posted may only be a "hack" around right-click protection. If that is all it is, it's nothing new. The important thing is to watermark them and do it well. Right-click protection is not really an absolute lock against downloads, it's just an obstacle and inconvenience to those who download. All it really does is prevent the viewer from seeing the image's URL when they right click. The image still has a URL, it just requires some digging to find it. Of all the security measures, a prominent watermark is the most important. Next to that woud be choosing the largest image size you make available (which is the biggest file they can download), and finally right-click protection. You could watermark it to death and make the larger sizes available, or make a less prominent watermark and only have smaller sizes available. If you have very exacting customers, the first option may be a good one so they can inspect the file in detail before they buy it.
http://www.rdy-liacco.com/ you haven't been hacked, that's a feed - feeds are ways that people can keep up with your site
See here, for more: http://www.smugmug.com/help/rss-atom-feeds
They can be blocked, limited but I don't recommend it because they're great for exposure.
Use sensible precautions (block largest sizes if you wish, use watermarking, too).
Portfolio • Workshops • Facebook • Twitter
I just wanted to make sure xl2 sized images were not exposed via rss.
Anyway, ok I didn't realize that's an RSS feed. Whew! But in any event, I'll still minimize the image size that people see. Sorry. I just freaked out when I saw that!
Thanks all!
http://blogs.smugmug.com/pros/2008/07/05/repeat-after-me-feeds-are-our-friends/
Portfolio • Workshops • Facebook • Twitter