Translations:Manual:Image authorization/43/en


 * 1) login in to a shell of your web server (similar actions are often possible with your FTP client, if not, ask your provider to assist you)
 * 2) create the unguessable images/upload directory outside of (in parallel to) your document root (note the   at the end of the path):


 * 1) make it read/writeable for the web server:


 * 1) create the .htaccess file as noted above and make it readable only (this is paranoia, because the web server never looks here, only PHP not taking care of .ht* files normally, but just in case this directory ever will be made available to the web server directly) :


 * 1) change your LocalSettings.php config file:

NOTE: The following img_auth.php hacks should not be needed.

(actually this doesn't work properly.. you need to hack your img_auth.php  and remove the check for logged in users and if the image is in the whitelist.. comment these lines: