[dokuwiki] Re: Securing Downloads
- From: Jan Tönjes <jan@xxxxxxxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Fri, 9 Nov 2007 11:38:56 +0100
Hi,
Am Freitag 09 November 2007 11:02:53 schrieb Andreas Gohr:
> Tan-Vinh Nguyen <tan@xxxxxxxxxx> wrote:
> > This is not a dokuwiki issue
>
> well it is... hehe usually I am the rude one here ;-)
>
Puh... When I read the first answer I was really scared, cus my normal answer
is RTFM as well, and I was pretty sure, that it is _not_ an apache2
issue... ;-) What I wanted to say is, that I would do it that way normaly,
but it doesn't work with dokuwiki, so what to do now ;-)
> All files offered through DokuWiki's media syntax are delivered
> through the lib/exe/fetch.php which will check ACLs and handles caching
> of external files (if enabled). Because all downloads go through this
> single PHP file, no apache config will help you to protect them.
>
Thanks for pointing out, that I am not thaaat stupid.. ;-)
> There is no IP based protection in DokuWiki, but there is AFAIK a tip
> how to add IP checking to the ACL mechanism - search the Wiki.
>
Ok, I found it: http://wiki.splitbrain.org/wiki:tips:ipacl
Thanks! Last question: Will this patch be merged into the "main tree"? I don't
like patching files by hand too much, because it makes installing updates a
lot more difficult later...
Thanks for your help!
Jan :-)
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
Other related posts:
