[Mediawiki-l] restricting file downloads
Florian Effenberger
floeff at gmail.com
Sun Sep 12 09:17:25 UTC 2010
Hi,
I run an internal wiki which is protected with
$wgGroupPermissions['*']['read'] = false;
$wgWhitelistRead = array ("Special:Userlogin", "MediaWiki:Common.css",
"MediaWiki:Common.js", "MediaWiki:Monobook.css",
"MediaWiki:Monobook.js", "-");
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['createaccount'] = false;
so I cannot get in without an administrator-created account. However,
file downloads of course seem to work directly if the URL is known, as
they are directly served via Apache.
Is there any mod_rewrite rule that requires MediaWiki authentication
before offering file downloads (from the images directory), or an
extension that does not let users download files directly, but rather
uses a MediaWiki wrapper?
I know that wikis are not meant to be private, and a simple .htaccess
password protection helps here as well, but maybe there is an easy
solution for my needs. ;-)
Thanks,
Florian
More information about the MediaWiki-l
mailing list