I agree about the AM team being a talented group and AM2 is awesome!!! On the whole, support is spot on.

It is a big hole in AM2 though and it needs to be addressed in future releases.

They have quoted me $400 to add in a customs uploads publishing feature. This would come out of my pocket rather than my clients. I sold this functionality to them knowing it was there in AM1.

I wonder whether another option would be to purchase an additional install of AM2 and mirror all the menus etc. then use server level redirects to move back to the original install of the site. This way you could have a different uploads folder (with session based / htaccess protection). A lot of work and extra cost if you have 40+ categories like I have. Just a thought.

Cheers,
Rees.

Re: [air-ship] Custom uploads directory - a big hole in AM2

$400 is a bit steep I wonder if their is anyone else that needs this feature to split the cost with you. I'm still using artman 1 and am testing artman2 again. Everything came over quiet well except for any publishing to different folders or locations. So I'm trying to see how much work is involved in the move and the benefits to it. I just noticed that i could setup a publishing rule to publish the articles i want into different locations, But I'm running into some form of publishing error using the same pub id.

So i have to look into this. My real concern is the renaming of some of the articles that where in the root directory. I would have preferred that they got moved but kept their name, instead of naming the folder the old filename and sticking the index.shtml on the file. Since we could have set up a permin. redirect pointing to the file that might have had a seo name to it.

So i wonder if thats an option to have them be called the original name. This causes a problem when you have to check + articles.
Hi there. I got a good suggestion from Ross on protected content in the uploads folder:

Was just talking with the developer and he had another idea. If you had a prefix on all on the files that needed to be password protected, we could use an .htaccess file on your server to protect them.

I am not quite sure how your protection method works though so I am not sure if this idea will work. Basically, just add something like "protected_" to the start of any file before you upload it.

Ex: let's say you want to protect a PDF called "July_08_meeting_minutes.pdf". All you do is rename that file to "protected_July_08_meeting_minutes.pdf" before you upload it and that would be all there is to it.

Does that sound like it's going to work? Let me know what you think :).


This seems like a great idea and we will give it a try!

Cheers,
Rees.

Re: [air-ship] Custom uploads directory - a big hole in AM2

By marys - April 21, 2009 - edited: April 21, 2009

Talk about throwing me a curve...

I need to password protect a custom uploads directory and didn't know AM2 won't let me do that.

Please tell me more about using the .htaccess file.

Would it need to be in the root directory or in the uploads directory?

Please provide sample code for the file.

On second thought, I don't think .htaccess will work. I need to protect uploaded files that can be accessed by members only, all of whom have their own password.

Do you have a solution?

Re: [marys] Custom uploads directory - a big hole in AM2

Hi there,

For details on how to use an .htaccess, try contacting your hosting provider or hitting up Google -- they can generally give more more details on the specifics of password protecting specific content.

If your members have their own usernames & passwords, I'm assuming you have some form of user management already? Could you use your current method of user management to protect that directory as well?
Donna

--
support@interactivetools.com

Re: [marys] Custom uploads directory - a big hole in AM2

Hi Marys,

This method would require that your files be named appropriately, but this appears to work:

AuthType Basic
AuthUserFile /server/path/to/.htpasswd
AuthName "Members Area"
Order deny,allow
<Files uploads*>
require valid-user
</Files>

What this basically says is that any file that starts with "uploads" (ie, "uploads_filename.jpg" or "uploads-randomdocument.pdf") is protected, but any other file name is not. This means that when you're uploading files to your protected articles, you would need to make sure the filenames have been changed to start with "uploads".

Would something like that work for you?
Donna

--
support@interactivetools.com

Re: [Donna] Custom uploads directory - a big hole in AM2

I've spent so much time on this issue.

I'd forgotten that my member management program uses mod_rewrite, which means (I think) that I don't have an .htpasswd file.

Is that right? If so, do you have any other ideas as to how I might solve this problem?

Thanks, Donna.

Re: [marys] Custom uploads directory - a big hole in AM2

Hi there,

Hmm, not sure. Can you go into more detail about what you use for member management?
Donna

--
support@interactivetools.com

Re: [Donna] Custom uploads directory - a big hole in AM2

Password Protector SD - http://www.passwordprotectorsd.com/

The program can secure entire folders only.