Dorthe Luebbert wrote:
is it possible to protect the image directory (the directory where the uploaded files are stored) from outside access? I don't want (now) that the following links work when accessed by users not logged in:
Media:something.pdf image:something.pdf
The links go to http://mywiki.de/wiki/images/5/57/something.pdf http://mywiki.de/wiki/Bild:somthing.pdf
Did I miss any configure option?
This is not a recommended configuration; MediaWiki is primarily designed to be used for open sites.
Move your images directory ($wgUploadDirectory) outside the web root on the filesystem, or use Apache configuration / .htaccess files to forbid web access to it. Then set $wgUploadPath to point at img_auth.php.
This requires that your PHP setup support PATH_INFO (many CGI configurations do not) and you need to be in $wgWhitelistRead mode or else, of course, there wouldn't be a point.
If you just want to hide images, but let pages be viewed, well that doens't make much sense to me and it probably won't work.
-- brion vibber (brion @ pobox.com)