Hi,
I run an internal wiki which is protected with
$wgGroupPermissions['*']['read'] = false; $wgWhitelistRead = array ("Special:Userlogin", "MediaWiki:Common.css", "MediaWiki:Common.js", "MediaWiki:Monobook.css", "MediaWiki:Monobook.js", "-"); $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['*']['createaccount'] = false;
so I cannot get in without an administrator-created account. However, file downloads of course seem to work directly if the URL is known, as they are directly served via Apache.
Is there any mod_rewrite rule that requires MediaWiki authentication before offering file downloads (from the images directory), or an extension that does not let users download files directly, but rather uses a MediaWiki wrapper?
I know that wikis are not meant to be private, and a simple .htaccess password protection helps here as well, but maybe there is an easy solution for my needs. ;-)
Thanks, Florian