[wp-hackers] securing /wp-content/uploads

[Brian Layman]

Awesome find Frank!  Thanks for posting that. I was actually noodling 
over how combine restricted uploading with the member plugin to do this 
for a charity site I'm working with.  I may turn this into a full blown 
plugin.

Thanks!

Brian Layman


On 4/5/2012 1:34 PM, Frank Bueltge wrote:
> check this; also to find via google
> http://wordpress.stackexchange.com/questions/37144/how-to-protect-uploads-if-user-is-not-logged-in/37765
>
> Best regards
> Frank
>
>
>
> On Thu, Apr 5, 2012 at 6:55 PM, Bill Dennen<dennen at gmail.com>  wrote:
>> You might also look at WP Document Revisions -- one of its features is:
>>
>> --
>> Access Control - Each document is given a persistent URL (e.g.,
>> yourcompany.com/documents/2011/08/TPS-Report.doc) which can be private
>> (securely delivered only to members of your organization), password
>> protected (available only to those you select such as clients or
>> contractors), or public (published and hosted for the world to see).
>> If you catch a typo and upload a new version, that URL will continue
>> to point to the latest version, regardless of how many changes you
>> make.
>> --
>>
>> Note, this isn't perfect, or 100% secure, in fact. The actual file is
>> still on your server, with a long name filled with seemingly random
>> characters. Difficult, but not impossible, to guess.
>>
>> http://wordpress.org/extend/plugins/wp-document-revisions/
>>
>>> On 5 April 2012 17:49, Eric Mann<eric at eam.me>  wrote:
>>>> My recommendation would be to use .htaccess to require authentication for
>>>> that directory.
>> _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers