Hi,
is it possible to protect the image directory (the directory where the uploaded files are stored) from outside access? I don't want (now) that the following links work when accessed by users not logged in:
Media:something.pdf image:something.pdf
The links go to http://mywiki.de/wiki/images/5/57/something.pdf http://mywiki.de/wiki/Bild:somthing.pdf
Did I miss any configure option?
Thank you
Dorthe
On 23 Apr 2005, at 01:57, Dorthe Luebbert wrote:
is it possible to protect the image directory (the directory where the uploaded files are stored) from outside access? I don't want (now) that the following links work when accessed by users not logged in:
Media:something.pdf image:something.pdf
The links go to http://mywiki.de/wiki/images/5/57/something.pdf http://mywiki.de/wiki/Bild:somthing.pdf
Did I miss any configure option?
I'm not sure I understand what you're asking. If you upload the files, and don't want people to access them, why did you upload them?
In order to accomplish upload, the /images directory must be writable by the httpd process. (Although, at least in 1.4b5, MediaWiki is making subdirectories that are world-writable, which is a no-no.)
:::: I think I'll become a Unitarian -- I've always been fond of the metric system. :::: Jan Steinman, http://www.Bytesmiths.com/Item/99AG24
is it possible to protect the image directory (the directory where the uploaded files are stored) from outside access? I don't want (now) that the following links work when accessed by users not logged in:
Media:something.pdf image:something.pdf
The links go to http://mywiki.de/wiki/images/5/57/something.pdf http://mywiki.de/wiki/Bild:somthing.pdf
Did I miss any configure option?
I'm not sure I understand what you're asking. If you upload the files, and don't want people to access them, why did you upload them?
The people that are logged in the wiki should see them, all others not. I don't want (at the moment) that people give Image-links to other people without wiki access that work.
Installed is version 1.3.11 (at least Spezial:Version says so)
Dorthe
Dorthe Luebbert wrote:
is it possible to protect the image directory (the directory where the uploaded files are stored) from outside access? I don't want (now) that the following links work when accessed by users not logged in:
Media:something.pdf image:something.pdf
The links go to http://mywiki.de/wiki/images/5/57/something.pdf http://mywiki.de/wiki/Bild:somthing.pdf
Did I miss any configure option?
This is not a recommended configuration; MediaWiki is primarily designed to be used for open sites.
Move your images directory ($wgUploadDirectory) outside the web root on the filesystem, or use Apache configuration / .htaccess files to forbid web access to it. Then set $wgUploadPath to point at img_auth.php.
This requires that your PHP setup support PATH_INFO (many CGI configurations do not) and you need to be in $wgWhitelistRead mode or else, of course, there wouldn't be a point.
If you just want to hide images, but let pages be viewed, well that doens't make much sense to me and it probably won't work.
-- brion vibber (brion @ pobox.com)
mediawiki-l@lists.wikimedia.org