该插件尚未通过WordPress的最新3个主要版本进行测试。 当与较新版本的WordPress一起使用时,可能不再受到维护或支持,并且可能会存在兼容性问题。

Htaccess Secure Files

描述

The Htaccess Secure Files plugin can only be activated on Apache web servers with mod_rewrite enabled, and will automatically raise an error upon activation if this is not the case.

The Htaccess Secure Files plugin allows for setting files to be accessible only to visitors who have a specified IP address or WordPress role or capability. By using .htaccess files to secure the content instead of a separate directory outside the web root, WordPress’s native media library functionality can be used to upload secure files and link to them from within the visual editor.

By default all built-in WordPress roles will be allowed to access content that is marked as secure. The Settings -> Secure Files admin screen controls which roles, capabilities, and IP addresses are allowed to view or download secured files. If a custom role or capability is desired, there are several WordPress plugins capable of creating and editing roles and capabilities.

Any visitor that matches any selected role, capability, or IP address will be allowed to access secured files.

This plugin works by creating a .htaccess files in the directory of each secured file. If you manually edit the .htaccess file and it becomes corrupt (a 500 Internal Server Error is the most likely symptom), I recommend deleting the .htaccess file and then edit and save each secured item in the media library.

屏幕截图

  • Change the “Secured File” value to Yes on the Edit Media screen to secure a file.
  • Select the user roles that can access secured files.
  • Select the user capabilities that can access secured files.
  • Select which IP addresses can access secured files.

安装

  1. Unzip the zip archive and upload the htaccess-secure-files directory to your /wp-content/plugins/ directory.
  2. Activate the plugin through the ‘Plugins’ menu in WordPress.
  3. On the ‘Settings’ -> ‘Secure Files’ admin screen select which roles, capabilities, and IP addresses will be allowed to access secure files and what the server response should be for those denied access.
  4. To secure individual files edit the file on the ‘Media’ admin screen and change the ‘Secured File’ setting to ‘Yes’.

评价

此插件暂无评价。

贡献者及开发者

“Htaccess Secure Files” 是开源软件。 以下人员对此插件做出了贡献。

贡献者

将“Htaccess Secure Files”翻译成您的语言。

对开发感兴趣吗?

您可以浏览代码,查看SVN仓库,或通过RSS订阅开发日志

更新日志

0.5

  • Adding smarter detection when WordPress is installed in a sub-directory of a site.

0.4

  • MIME/Content-type detection routine expanded (in order of priority): 1) Use WordPress’s built-in (or plugin modified) MIME types. 2) Use Fileinfo PECL extension if installed. 3) Check with mime_content_type (deprecated). 4) Fallback to ‘application/octet-stream’.

0.3

  • “Denied access response” is now customizable: WordPress login, 403 Forbidden, 404 Not Found, or custom redirect.

0.2

  • Added “Secure” column to media manager list table
  • Added simple IP address whitelisting (may add more complexity in a later version)
  • Added the capability to hide/disable the admin interface with a define statement
  • Added screenshots

0.1

  • Initial version