Hi all,
I installed Omeka soon and I’m perfectly seduced by this tool.
However, a little thing bothering me, it’s the direct access to the files by the absolute link.
Indeed, if I want to upload files, Omeka changes the names to make indistinguish them and it’s an advantage. However, if I copy the direct link to a file, even if I’m connected or not, the file loads.
Do you know a way to restrict the ressources access/download only for people connected to the platform ?
I try to manipulate some variables in the .htaccess file in the plateform’s base directory, but nothing effective. Idem by puting a .htaccess file directly in the /files/original/ directory.
The only results I obtained for now are:
- A total blocking to directory and files contained for connected and non-connected users
- A blocking only to the directory but still direct access to the files by absolute link for all users
- A redirection to the users connection page during access attempting to the file by the absolute link, once the connection is done, appears a message:
“Error 404 - Page not found”
"/files/original/file_name.pdf is not a valid URL."
This last result seems to be a first resolution lead to my problem, obtained by modify the .htaccess file in the plateform root directory in the code portion:
Allow direct access to files (except PHP files)
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule !.(php[0-9]?|phtml|phps)$ - [C]
RewriteRule .* - [L]
RewriteRule ^install/.$ install/install.php [L]
RewriteRule ^admin/.$ admin/index.php [L]
RewriteRule .* index.php
By adding the format wanted after “phps”.
I thank you a lot by advance for all answers you can bring to my question.
Best regards,
Stephan
P.S.: I precise that my post is really similar to this previous post that has no answers: Restrict access to PDF file?