Dan Davis wrote:
The Wiki I run is only for authorized users and requires authentication for access to *all* pages. But, one area that slipped in under my radar is the images directory.
$wgUploadPath = "/path/to/img_auth.php";
Keep your physical image directory hidden away somewhere.
Requires that PATH_INFO work on the server (eg, if using PHP as CGI you may have to configure it appropriately. Try a google search for whatever necessary documentation for your combination of web server and PHP.)
(Note that img_auth.php is a little funky; $wgWhitelistRead needs to be set, I think.)
-- brion vibber (brion @ pobox.com)