Use the glide.image_provider.security_enabled property to control the security settings for images. If set to true, images are visible only to authenticated and authorized users. If set to false, images are visible to anyone with a URL to the attachment.

Secure the images on your instance to prevent sensitive information leak. Images on your instance are accessible via urls that end in .iix.

Set the glide.image_provider.security_enabled system property to true to prevent access to your images via these URLs.

Note:

This property is not honored for images from the attachment table if the origin table is one of:

  • Stationeries [sysevent_email_style]
  • Welcome Page Sections [sys_home]
  • System Properties [sys_properties]

Restriction should be applied for unauthenticated users as some attachments might contain sensitive information.

More information

AttributeDescription
Property name glide.image_provider.security_enabled
Configuration type System Properties (/sys_properties_list.do)
Category Access control
Purpose To prevent unauthenticated access of attachment when rendered using the .iix format.
Recommended value true
Default value false
Functional impact No significant impact on the functionality. User experience might be affected a bit because the user who formerly directly accessed .iix must go through authentication.
Security risk (High) Restriction must be applied for unauthenticated users as some attachment might contain sensitive information.
References Administering attachments

Available system properties

To learn more about adding or creating a system property, see Add a system property.