I have the next in security.yml
file:
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
- { path: ^/forum/, role: ROLE_USER }
- { path: /usuarios/, role: ROLE_NO_ACCESS }
but if I try to access a file inside /public/img/usuarios/otherDirectory/
putting into the navigation bar, the image is shown in the browser.
Why isn't it denying the access?
Update
I've tried to add this to the Apache site configuration (in my localhost):
<Directory /home/me/MyServer/itransformer-2.0/web/public/img/usuarios>
AllowOverride none
Options -Indexes
Order allow,deny
Deny from all
</Directory>
but I can still access the images directly. Maybe I'm doing something wrong...