Ok, latest wordpress plugin. I’m getting quite into these. The other two were modifications. This one is completely from scratch. There are several plugins to make a blog private, making it a good tool for basic collaboration / group ware. However file attachments / images have still been visible too the public, until now.
Private files acts as a proxy, making sure users are logged in before they can download any files. The nice thing about is, it doesn’t modify the current uploads at all, doesn’t store files in a different place, so if you want to stop using it, all links to files stay the same, so you don’t need to redo anything.
Download it here: http://wordpress.org/extend/plugins/private-files/
If you have deactivated the plugin or deleted it and you want to unprotect your files manually, just delete the .htaccess file within your wp-content/uploads directory.
As with most wordpress plugins, the security is not guaranteed, use at your own risk.
Added MS Office 2007 mime types
Enhancements to block URLs with /../ in them
Bugfix which prevented logged in subscriber users from accessing files.
Now accounts for spaces in file names
Shows a warning if you are not using WordPress permalinks
Should work on a wider variety of WordPress setups (subdirectories etc.), but uploads must be a subdirectory of your WordPress directory.
Should work with relative and absolute upload paths
Tested on the latest version of wordpress
Now uses raw file() read instead of echo, which should clear up issues on some setups.
Bug fix so this actually works under various wordpress conditions, eg. root and not root installations of wordpress
Tested with wordpress 2.5.1