If I set up an articles module and have this only available for 'webmasters' to access, set via the admin panel and say one other group called 'elite' for instance. Would the contents that are included in this module be accessable and spidered by the search engines as normal?

I'm not looking for a way to stop this happening, in fact the reverse.

Does anyone have an answer, opinion or idea to this?

as long as you have any content in "database" and "anonymous" group dont have access Spiders cant index them.

I think the simple answer is no, search engines cannot crawl content that is behind any login requirement.

Let's look into this more closely; Anonymous users group is generally understood to be the users that do not require any logins to view content on your website. That also includes any search engine crawler. So anything that you want to be publically available and crawled by search engines should be in the antonymous users group. Please NOTE most content defaults to registered users group to be viewed and has to be set to the anonymous users group to be viewed publically. This is a security feature and prevents you publishing content publicaly accidentally.

Search engines can't 'login' so they cant view anything that is published ONLY to registered groups or any other user group other than anonymous.

There is just one other caveat that is slightly worrying; Google has recently announced that it is releasing code search. which basically means it will release to searchable results of scripts and code of unprotected directories!

So be aware, that if this intrusion goes ahead with Google you should always put 'private content into a database (via XOOPS permissions) or password protect your HTML directories that contain private content.

The google thing is going to make a big storm over the internet generally, but providing you use XOOPS content permissions system, your pretty safe.

Thank-you for your important question, it will be FAQd

Hope that helps

carnuke, are you referring to this?http://www.google.com/codesearch/

mmm interesting Carnuke, didn't realise Google had these plans, I suppose I should really spend some time keeping up-to date.

Once question, is there any way to prevent Google from doing this? maybe like the disallow robots txt? or perhaps a code encoder, I seem to remember seeing something about being able to prevent code viewing, I ask as some modules allow the use of html/txt upload, I'm presuming even though these could be hidden member content, because they are not database, they could still be indexed by Google?

Ok I suppose more than one question there, lol.

Take care
Tim

Thank you carnuke but i always had google code in my mind.
personally i think any html file (or other file?) in wwwroot is not safe and you cant take it as "private" and "more secure"

so you have 2 ways:

1- as i wrote in my last reply keep all private data in database via XOOPS permission.

2- thanks to Gijoe "wraps" module you can store "ANY FILE" (pics, html , docs ,...) outside of http very easy AND PROTECT IT WITH XOOPS PERMISSIONS.
try download this image( it is a recommendation):
http://d.jadoogaran.org/modules/customer/Recommendations/IUT.jpg

Hi irmtfan,

The module from Peak/Gijoe, do you know if there is there any options in the latest version of myalbum to protect the images.

I ask as I have some people hotlinking my images, stealing bandwith, I was just about to use .httaccess to stop this, but didn't want to run the risk of preventing proxy users, access.

If this myalbum module doesn't do this, can the module you mention prodect the whole uploads directory?

I don't want to restrict access to people hotlinking my site logo, as it helps promote the site.

Thanks for any advice.

Tom

=> Tom, almost.. in fact it'shttp://www.google.com/codesearch without the /backslash LOL otherwise it gives a 404

and yes, there are ways to prevent indexing of files and google will respect this (so I believe). The pain in BTM is simply that the onus is now on webmasters to lock down their files and permissions, whereas before we didn't need to do so except for security sensitive files.

Here's a little background from internetnews.com I'm sure there's a lot more out there to fuel the fire.

There's an argument that there will be advantages to this new feature, as developers will be able to search their own code to see whose using it illicitly. Mmm, a two edged sword I think, as source code will be easier to steal in the first place, thanks to the Google concept.

Quote:
No and i dont know any other gallery module can do that. because always people can use "Direct Linking" when your images are inside webroot.

Quote:
Yes! in theory you can store all your images outside of http using "wraps" and link them one by one in a gallery module.

I'm nearly sure its possible give it a try! but its a tough work also users cant upload images.

Tim said
Quote:

If you have your logo as say a .png file and all other files as .gif, .jpg etc, then you can hotlink protect all files except your logo.

The rewrite rule for .htaccess is:
RewriteEngine on
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]

put list of extensions in that you want to protect, leave out the ones you don't!

You can enhance the protection by
a/ allowing people to access image files directly by typing the URL in browser by adding

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]

b/ adding specific sites that may access your images

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://mysite.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://mysite.com$ [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]

You may want to add teh major search engines to the allowable list if you want your images indexing by them.

This all supposes of course that that your server supports the rewrite rules. (and if it doesn't, please don't ask me how - I don't know - speak to your system admin.)