[dokuwiki] Re: Securing Downloads

  • From: Tan-Vinh Nguyen <tan@xxxxxxxxxx>
  • To: dokuwiki@xxxxxxxxxxxxx
  • Date: Fri, 9 Nov 2007 12:04:33 +0100

Sorry guys,

i never estimated someone that the person is stupid, just lazy ;-)

maybe i get too much pissed off as consultant with customers or i watch dr. 
house too much

i was misunderstanding the problem,  i thought'u place a link to a certain 
directory with files, not the file itself

nice to know

i apologize

cu 

vinh

On Friday 09 November 2007 11:38:56 Jan Tönjes wrote:
> Hi,
>
> Am Freitag 09 November 2007 11:02:53 schrieb Andreas Gohr:
> > Tan-Vinh Nguyen <tan@xxxxxxxxxx> wrote:
> > > This is not a dokuwiki issue
> >
> > well it is... hehe usually I am the rude one here ;-)
>
> Puh... When I read the first answer I was really scared, cus my normal
> answer is RTFM as well, and I was pretty sure, that it is _not_ an apache2
> issue... ;-) What I wanted to say is, that I would do it that way normaly,
> but it doesn't work with dokuwiki, so what to do now ;-)
>
> > All files offered through DokuWiki's media syntax are delivered
> > through the lib/exe/fetch.php which will check ACLs and handles caching
> > of external files (if enabled). Because all downloads go through this
> > single PHP file, no apache config will help you to protect them.
>
> Thanks for pointing out, that I am not thaaat stupid.. ;-)
>
> > There is no IP based protection in DokuWiki, but there is AFAIK a tip
> > how to add IP checking to the ACL mechanism - search the Wiki.
>
> Ok, I found it: http://wiki.splitbrain.org/wiki:tips:ipacl
>
> Thanks! Last question: Will this patch be merged into the "main tree"? I
> don't like patching files by hand too much, because it makes installing
> updates a lot more difficult later...
>
> Thanks for your help!
>
> Jan :-)



-- 
Application Development
Tan-Vinh Nguyen

Kammerratsheide 18
33609 Bielefeld
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

Other related posts: