On Nov 5, 2007 4:00 PM, Sullivan, James (NIH/CIT) [C] <sullivan(a)mail.nih.gov>
wrote:
I am presented with the directory tree and can access
all files saved
under the images directory. I cannot find anything in the archives
describing this and how to restrict access. I plan to try .htaccess but
I was wondering if there is a better approach and whether other
directories are as unprotected as the images directory from being read
by non-logged in users. Maybe a httpd.conf directive?
How secure do you need the images? Do you want it so that nobody can access
an image without being logged into the wiki, even if they know the file's
location/URL? (For this, you would need to use img_auth.php: <
http://www.mediawiki.org/wiki/Manual:Image_Authorisation>gt;.) Or do you just
not want somebody to have access to all your images in directory listing
format? For that, you can just disable the display of indexes through
httpd.conf or .htaccess (Options -Indexes).
--
Arr, ye emus,
http://emufarmers.com