How to protect media directory with .htaccess?

0 Views

I am trying to protect the uploads directory with .htacess.

But when I browse media section in admin panel, I see user/pass popup.
My guess is, WordPress use fopen to find if the file exists. I found mod_rewrite rule allowing fopen but I can’t figure out how to use those rules with basic HTTP authentication. Any help is highly appreciated.

Read More

following is the rewrite rules for allowing fopen: 

RewriteEngine On  
RewriteBase /

RewriteCond %{THE_REQUEST} ^.+$ [NC]  
RewriteRule .* - [F,L]
Post Views: 0

Related posts

Leave a Reply

2 comments 

  1. # Only allow access to this directory if they are coming from your domain; excluding you, your server, Google and any other IPs
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !^(xxx.xxx.xxx.xxx|xxx.xxxxxx.xxx|66.249.)
RewriteCond %{HTTP_HOST} !^(127.0.0.0|localhost) [NC]
RewriteCond %{HTTP_REFERER} !^https?://(.+.)?yourdomain.com/ [NC]
RewriteRule .* http://yourdomain.com/ [L]

    That should help, I think