[wp-hackers] securing /wp-content/uploads

[Rafael Ehlers]

Also:

"We will create custom post type called 'forum posts' which
will be the same as regular wordpress posts. "

Use CPT to "forum topics" and comments for forum replys to this topic, it
will be much easier to maintain.

just my 2 cents

On Thu, Apr 5, 2012 at 2:34 PM, Frank Bueltge <frank at bueltge.de> wrote:

> check this; also to find via google
>
> http://wordpress.stackexchange.com/questions/37144/how-to-protect-uploads-if-user-is-not-logged-in/37765
>
> Best regards
> Frank
>
>
>
> On Thu, Apr 5, 2012 at 6:55 PM, Bill Dennen <dennen at gmail.com> wrote:
> > You might also look at WP Document Revisions -- one of its features is:
> >
> > --
> > Access Control - Each document is given a persistent URL (e.g.,
> > yourcompany.com/documents/2011/08/TPS-Report.doc) which can be private
> > (securely delivered only to members of your organization), password
> > protected (available only to those you select such as clients or
> > contractors), or public (published and hosted for the world to see).
> > If you catch a typo and upload a new version, that URL will continue
> > to point to the latest version, regardless of how many changes you
> > make.
> > --
> >
> > Note, this isn't perfect, or 100% secure, in fact. The actual file is
> > still on your server, with a long name filled with seemingly random
> > characters. Difficult, but not impossible, to guess.
> >
> > http://wordpress.org/extend/plugins/wp-document-revisions/
> >
> >>
> >> On 5 April 2012 17:49, Eric Mann <eric at eam.me> wrote:
> >> > My recommendation would be to use .htaccess to require authentication
> for
> >> > that directory.
> > _______________________________________________
> > wp-hackers mailing list
> > wp-hackers at lists.automattic.com
> > http://lists.automattic.com/mailman/listinfo/wp-hackers
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>