Hello Kaman,
There are two things that I would try. The first one would be installing an LDAP authentication system on your server, and integrating both MediaWiki and Apache into. Then you could protect the entire directory structure, and have MediaWiki realize when the user is logged on.
The second thing that I would do would be to have your image directory point to a PHP script which would respond back with the image only *if* the user is logged on, and read the image files from a directory that is not available to the internet.
I hope that this helps, Kasimir
On 2/27/07, Kaman Lee kaman_lee@yahoo.com wrote:
Hello,
I've setup Mediawiki so that only logged in users can view and edit wiki content. Everything seems to be working well in regards to page access, however I can't seem to secure uploaded files. I've searched the Mediawiki manuals and wiki for more information on file security, but can't seem to find too much information on it.
Mediawiki is running on my linux box via apache. I've tried moving the default uploads directory outside the installation dir, into a directory (owned by group "nobody") not served by apache, but that didn't work. I was hoping that Mediawiki would access the files directly from the file system instead of via a hyperlink to the file on the server.
Am I doing something wrong or missing something? I'm relatively new to Mediawiki. Any help would be greatly appreciated.
Thanks in Advance,
Kaman
Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail beta. http://new.mail.yahoo.com
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/mediawiki-l