I had never considered this before so I tried wikiurl/images and got a
403 forbidden message - is this sufficient protection for a standard
MediaWiki install? (mine is PHP as CGI module)
On 2/25/07, Brion Vibber <brion(a)pobox.com> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Caplan, Hillel (US - New York) wrote:
Separate question from my last post:
How do you prevent a random person from accessing the images directory
directly (i.e. going to
www.wiki_url.com/images)?
Block off the images directory through whatever means you like (move it,
.htaccess, whatever) and set $wgUploadPath to go through img_auth.php as
if it were a directory; that script will mediate access to the files to
require a login.
This requires that your web server's PHP configuration support PATH_INFO
on PHP. (Some CGI-based configurations or others do not.)
- -- brion vibber (brion @
pobox.com / brion @
wikimedia.org)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (Darwin)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org
iD8DBQFF4ZytwRnhpk1wk44RAuz3AJ9uQyD86mrJlCyJcjsA9iH/4+jYswCaA3e+
j4IMBrUwfeH97wt/RaBzWtU=
=dC6l
-----END PGP SIGNATURE-----
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l