How to protect uploaded files using WordPress authentication | ww.wp.xz.cn

ssorcdivad
(@forefront)

17 years, 9 months ago

Password protecting a post in WordPress does not also protect the files attached to that post. They’re in the filesystem, so if you know the URL of the file, you can just enter its location and still view it. This presents a problem for us.

Is there a way to use WordPress’ authentication system within Apache (or within WordPress?) to also protect files attached to a post.

Many thanks!

Viewing 2 replies - 1 through 2 (of 2 total)

Moderator Samuel Wood (Otto)
(@otto42)

ww.wp.xz.cn Admin

17 years, 9 months ago

I have not tried it, but you could edit the attachment post manually in the database and fill in the post_password field. That will prevent them from loading the attachment post.

However, no, there is no way to make WordPress protect the files directly, even if you know the URL. Those do not go through WordPress. There’s also no way I know of to rig Apache authentication to work with the WordPress user/pass system.

NC@WP
(@ncwp)

17 years, 9 months ago

Take a look at a plugin called Drain Hole; it provides an alternative location for file storage and allows you to restrict access to downloads to users with a certain level of privileges.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘How to protect uploaded files using WordPress authentication’ is closed to new replies.

Tags

authentication

In: Fixing WordPress
2 replies
3 participants
Last reply from: NC@WP
Last activity: 17 years, 9 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics