In Imagevue X2.5, we added pseudo folder password protection functionality. This means that you can set a password for any folder in your gallery from the Imagevue admin, and visitors will be prompted for a password if they try to access this folder.
The password-protection option in Imagevue is NOT an industry-grade secure protection scheme for your folders or galleries. Basically, it prevents your gallery visitors from viewing a specific folder/page from the Imagevue gallery, unless they know the password. It does not add protection to your images and folders outside of the Imagevue application.
How to set a password?
Simply navigate to any folder in your Imagevue Control Panel, and you will see a field “Set Password” at the bottom left. Add your password, and click “save”.
To remove a password, simply navigate to your folder-protected folder and click the “x Remove” button above the password field.
How to set a global password for your gallery
You can also set a global password for your Imagevue gallery, so that visitors need to log in with password when the gallery first loads. To achieve this, simply navigate to your root content folder, and set your password here. Setting a password to your root content folder, will cause Imagevue to prompt for a password when the gallery first loads.
Improving security with htaccess (Apache only)
If you are concerned with file security for password-protected folders, you can use the provided htaccess.txt file to improve security. Copy this file from the root of your gallery, into your content/ folder, and then rename the file from “htaccess.txt” to “.htaccess”. This will prevent access to xml files which can be used to fish out the path to your files.
PS! This method only works on Apache servers, which is 90% chance your website is running from anyway. If you are uncertain if your server is running under Apache, go to Admin › Diagnostics › PhpInfo, and then search for “apache” or scroll down to the following line close to the bottom:
It should say something like:
- There are now two new items in the language file: input_password and incorrect_password. If you are not using English, you may need to go to admin › languages and add values to these fields for your language.
- Although this method is not true file/folder protection, we have also added password protection to the scripts that gets folder information from password-protected folders. This makes it very difficult for anyone to hack a password-protected folder … but not impossible
- Password protection works with all access methods