First time here? Check out the FAQ!

Revision history  [back]

You could:

  1. Create a directory in the filesystem for storing the uploaded images. IMHO, this directory should not be inside the askbot/ tree, but in a separate path, as it may grow in the future. However, the default askbot/upfiles should be OK for small sites (no risk of huge disk occupation because of the avatar files).
  2. Configure your web server (Nginx / Apache) to serve statically the contents (avatars). Beware to carefully configure the AVATAR images path and web server urls.
  3. Review the security considerations. I have observed that askbot will store the "raw" image uploaded by the user (eventually a high resolution image), then creating several "thumbnails" of the original with lower pixel count. You should not make available publicly the high resolution (original) image. Maybe I am being picky here, but I think the application should only expose publicly the scaled-down images.