Sullivan, James (NIH/CIT) [C] wrote: > I employ the "cgi_img_auth.php" method of securing the images directory. I > believe the "image_auth.php" method is similar. With this method a .htaccess > is placed in the /images directory containing "Deny from All". Another > .htaccess in the wiki's main directory contains a rewrite rule that takes any > requests for access to the images directory and re-routes it through the > cgi_img_auth.php code, which verifies authentication before allowing access > to the images directory. This prevents unauthenticated users from directly > accessing the images files, for example with a direct url to the image file. > > Its not clear to me that with this in place I need to also add the rewrite > rule in the images directory, but if this is still needed, where would I > place it? > > -Jim
I think that you would place it in the main .htaccess (with the appropiate path), which is the one handling the images/ folder. I think it would be cleaner if that section was inside the images/ one, though. _______________________________________________ MediaWiki-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
