I have a password protected Wordpress blog, requiring login through wordpress to gain access. However, if you go to the address bar and type in the directory of my zenphoto, you gain immediate access to all the pictures. as in, type http://www.mywebsite.com/pictures, and you get to see all my pictures. I can password protect the folder through my server, but then people who have logins for my blog will need another login for my server. I can password protect individual albums through zenphoto, but this requires an additional login username and password, as opposed to just allowing access since you are logged in through wordpress. I thought zenphoto integrated itself with wordpress passwords, but there is a backdoor here i can't seem to close without messing other things up. Is there some way to make zenphoto check that a person is logged into the website before allowing them access to the pictures? even if they type in the address directly? and without requiring an additional login beyond the initial login to the main wordpress webpage?
I appreciate any guidance someone can give. Thanks.