Would this be more secure than the .htaccess method? Would it be the same from the user's point of view?<br><br><div><span class="gmail_quote">On 12/7/05, <b class="gmail_sendername">H. Fox</b> <<a href="mailto:haganfox@users.sourceforge.net">
haganfox@users.sourceforge.net</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">On 12/7/05, Patrick R. Michaud <<a href="mailto:pmichaud@pobox.com">
pmichaud@pobox.com</a>> wrote:<br>> Thus, if the wiki administrator turns off access to uploads via<br>> direct url (e.g., via a .htaccess file or equivalent),<br><br>Another method, which isn't equivalent but has the same effect
<br>(disallowing direct access to uploaded files), would be to move<br>uploads outside your web server's document tree. You can use<br><br>$UploadDir = '/some/path/the/server/won't/serve/from/uploads';<br><br>PmWiki can run with all script-written files stored outside the web
<br>document tree, which is pretty impressive. For a clunky method of<br>setting this up, see<br><a href="http://www.pmwiki.org/wiki/Cookbook/SourceForgeServers">http://www.pmwiki.org/wiki/Cookbook/SourceForgeServers</a>
<br><br>Hagan<br><br>> then the only<br>> way to access uploaded files will be by using ?action=download on a<br>> page, and this will require read permission to the page.<br>><br>> Hope this helps...?<br>>
<br>> Pm<br><br>_______________________________________________<br>pmwiki-users mailing list<br><a href="mailto:pmwiki-users@pmichaud.com">pmwiki-users@pmichaud.com</a><br><a href="http://host.pmichaud.com/mailman/listinfo/pmwiki-users">
http://host.pmichaud.com/mailman/listinfo/pmwiki-users</a><br></blockquote></div><br>