As for the use of .htaccess to disallow direct access (pulled from another site, in reference to blank referrers):
You can prevent people from directly accessing an image by typing in the URL in their browser, however, some surfers may use a personal firewall or antivirus program that deletes the page referer information sent by the web browser. Hotlink protection is based on this information. So if you choose not to allow blank referers, you will block these surfers.
I am now back to doing two installations if I cannot figure out how to fix this issue. I really don't like this option as not only is it not as elegant for the user, I have to do two posts for every update as opposed to one.
As for Magic Members, I love everything about it BUT this one little detail. I mean, that's a big ball to drop in my mind. As it stands, there is no built in way to secure any viewable media, only the post containing the media. So, if someone can just find where you store all your videos, images, audio, etc., the door is standing wide open.
Presently, I am looking into moving the content directory out of the webroot and making all content calls from within php. I think this will sufficiently fix the issue but I am still working on the system. If all does work out, I think Magic Members should give me royalties or something...
