Thread:Project:Support desk/Prevent unregistered users from viewing files, even if they know the URL/reply

It should be possible to configure your server to examine the HTTP header and give a "403 Forbidden" if an image request did'nt come from your wiki. This is not fool proof as it is easy to fake headers but at least you will prevent some unauthorized users from viewing those images. A PHP script that must be used to retrieve images and can dectect the login cookie would be better but I don't know of anyone that may have/be able to write such a script.