[pmwiki-users] Securing images

Neil Herber (nospam) nospam at eton.ca
Fri Jan 12 11:45:00 CST 2007


kirpi at kirpi.it wrote:
> Petko's excellent TumbList recipe [1] works nice.
> Now I'm stuck with a "basic", though relevant issue: security.
> 
> All the images are stored, either by ftp or the "upload" action, into
> a /listing/uploads/ directory which is external to the pmwiki
> install.[2][3]
> 
> Although the vast majority of images are to be displayed openly to the
> world, there is a certain amount of pictures that would better be
> shared just between family and friends, as well as some other
> photographs that I would keep just for my own use.
> 
> Would it be an attainable goal?
> If so, how could such a lock be built?[4]
> 
> Luigi

Since this is a straight webserver function, use Apache Basic 
Authentication (assuming you are on Apache or equivalent).

You can then protect any subdirectory you wish by requiring a username 
and password. To keep things simple you can have a "shared" username and 
password for family members and you can even send them links that 
include the AUTH info as in:

>  http://username:password@www.kirpi.it/listing/uploads/family_only/


-- 
Neil Herber
Corporate info at http://www.eton.ca/




More information about the pmwiki-users mailing list