[wp-hackers] securing /wp-content/uploads
Frank Bueltge
frank at bueltge.de
Thu Apr 5 17:34:24 UTC 2012
check this; also to find via google
http://wordpress.stackexchange.com/questions/37144/how-to-protect-uploads-if-user-is-not-logged-in/37765
Best regards
Frank
On Thu, Apr 5, 2012 at 6:55 PM, Bill Dennen <dennen at gmail.com> wrote:
> You might also look at WP Document Revisions -- one of its features is:
>
> --
> Access Control - Each document is given a persistent URL (e.g.,
> yourcompany.com/documents/2011/08/TPS-Report.doc) which can be private
> (securely delivered only to members of your organization), password
> protected (available only to those you select such as clients or
> contractors), or public (published and hosted for the world to see).
> If you catch a typo and upload a new version, that URL will continue
> to point to the latest version, regardless of how many changes you
> make.
> --
>
> Note, this isn't perfect, or 100% secure, in fact. The actual file is
> still on your server, with a long name filled with seemingly random
> characters. Difficult, but not impossible, to guess.
>
> http://wordpress.org/extend/plugins/wp-document-revisions/
>
>>
>> On 5 April 2012 17:49, Eric Mann <eric at eam.me> wrote:
>> > My recommendation would be to use .htaccess to require authentication for
>> > that directory.
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
More information about the wp-hackers
mailing list