Skip to main content
W
Wolandit_IT
Inspiring
July 5, 2020
Answered

Adobe Portfolio password protection

  • July 5, 2020
  • 2 replies
  • 6677 views

Hi, since Portfolio doesn't have a dedicated board anymore, I'll post this question here.

I have set a sitewide password on the portfolio site. Everything works fine, but I see that the assets are still publicly available, if you have the unique url. (ie: https://pro2-bar-s3-cdn-cf6.myportfolio.com/abdfa********************aecc71/0af************************.jpg?h=3a39**************************58 where *s are alphanumeric characters). The url for each image can be found in web development tabs in chrome or Firefox.
Given it seems that the assets are not encrypted, are they safe from crawlers of any kind and search engine indexers? I don't want them to show up anywhere else on the web, and not being collected automatically by any other service.

 

 

This topic has been closed for replies.
Correct answer Nancy OShea

That's exactly what i'm asking here, do Adobe storage servers have a public facing feature to get a list of all files? Or as you put it - are they unwise enough to have it? And how can I know? As you saw, clicking on that link brought you nowhere, but it was just the url for one of my assets, truncated to exclude the file name.
So that server won't let the user list, but is this valid for all network actors?
You said bots can only do what users do, so I think i'm golden. Files on those storage server should be secure, at least as common cloud storage files such as ones on dropbox or gdrive.


To be honest, I'm not sure what you're trying to protect.  Adobe stores assets on Content Distribution Networks just like 75% of worldwide websites do.  Since your site is password protected, your assets are safe as long as your site URLs & password are never released in the wild.  Simple as that.

 

2 replies

Nancy OShea
Community Expert
Nancy OSheaCommunity Expert
Community Expert
July 5, 2020

The Internet is all about sharing information.   Assets stored on a public facing website are accessible to everyone including search engines, robots and humans.  Don't publish anything online that you don't want to share with the world.

 

That said, Adobe Portfolio supports password protection of your entire site or single pages.  But everyone with the password also has access to the assets because that's how the web works.

 

If you think disabling right-click will protect your digital property, think again.  It's absolutely meaningless.  The best you can do to prove ownership is digital watermarking or barcoding.  See the Digimarc plug-in for Photoshop CC below.

https://helpx.adobe.com/photoshop/using/digimarc-copyright-protection.html

 

Nancy O'Shea— Product User & Community Expert
W
Wolandit_ITAuthor
Inspiring
July 6, 2020

Maybe i was not clear enough.

I already set up passwords, and I don't care about people saving my files or not, if I gave them the passwords.

I was asking about network security for the storage servers, since the assets aren't encrypted. I am worried about bots and crawlers collecting and indexing images, not people. So I'm asking, are the media servers crawlable by bots, when my assets are password protected and the option for the search engine discovery is off in the options?

 

Thanks a lot.

T
Test Screen Name
Legend
July 6, 2020

I think you are looking for something that does not and cannot exist. There is no special security that applies only to bots. And bots have no special privileges to let them get a list of pages.

Bots/spiders/indexers visit web sites. When they do so they are just like an ordinary web user with a browser. They connect and read a page they believe to exist. As they read the page they may find links, and the links may be added their list of pages to visit. That's it; starting with a few pages, eventually the whole public web gets visited.

So... if there is no link to your pages, a bot will not know they exist, and cannot visit. But if even one person mentions a link in another public page, or you put it in a user profile, or anything like that, the bots can visit and probably will. Of course bots do not know your password and cannot read what you protect in this way.

(Note: you may read of "robots.txt". This allows a site to ask bots not to visit. But (a) bots are entirely free to ignore this request (b) a site like Portfolio WANTS bots to visit and you cannot add your own pages to an exclusion list).

John T Smith
Community Expert
John T SmithCommunity Expert
Community Expert
July 5, 2020

You need to go to the links below for Portfolio help
https://help.myportfolio.com/hc/en-us/requests/new?ticket_form_id=177168
https://helpx.adobe.com/creative-cloud/how-to/create-portfolio-website.html
https://help.myportfolio.com/hc/en-us/articles/216489627-Manually-configuring-a-custom-domain
https://help.myportfolio.com/hc/en-us
https://portfolio.adobe.com/themes
https://portfolio.adobe.com/
And Lighrtroom Integrations
https://blogs.adobe.com/jkost/tag/portfolio
https://lightroomkillertips.com/getting-images-lightroom-adobe-portfolio-just-got-lot-easier/
https://digital-photography-school.com/create-beautiful-online-gallery-lightroom-classic-cc-adobe-portfolio-15-minutes/

W
Wolandit_ITAuthor
Inspiring
July 5, 2020

Hi thanks. I submitted a ticket, but it was not strictly a problem, just a request for technical information. I don't need help using the product and the product is funcionting as expected.

This is message board stuff, not helpdesk stuff.

Why was the portfolio board shut down?

 

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices