-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Caplan, Hillel (US - New York) wrote:
Separate question from my last post:
How do you prevent a random person from accessing the images directory
directly (i.e. going to
www.wiki_url.com/images)?
Block off the images directory through whatever means you like (move it,
.htaccess, whatever) and set $wgUploadPath to go through img_auth.php as
if it were a directory; that script will mediate access to the files to
require a login.
This requires that your web server's PHP configuration support PATH_INFO
on PHP. (Some CGI-based configurations or others do not.)
- -- brion vibber (brion @
pobox.com / brion @
wikimedia.org)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (Darwin)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org
iD8DBQFF4ZytwRnhpk1wk44RAuz3AJ9uQyD86mrJlCyJcjsA9iH/4+jYswCaA3e+
j4IMBrUwfeH97wt/RaBzWtU=
=dC6l
-----END PGP SIGNATURE-----