Support » Plugin: User Photo » [Plugin: User Photo] Tip for members-only sites

  • I am using User Access Manager (UAM) to run a members-only blog, but found that my User Photo images were entirely blocked when using the “Lock Files” setting, even for logged in users. The issue is that this setting puts a .htaccess file in /wp-content/uploads/, which is where the userphoto directory also sits, but UAM does not know how to deal with User Photo images because they are user metadata, not posts or pages.

    To solve the issue, I could have just put a “wide open” .htaccess file in the userphoto directory, but I still wanted to make sure my photos would only be visible to logged in users, on the off chance someone discovered the directory. So here is the .htaccess file I’m using now, in /wp-content/uploads/userphoto/

    Options -Indexes
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
    RewriteRule . – [R=403,L]

    The first line disallows the generated listing of all the files, and the rest sends a visitor to a 403 Forbidden page (or File not found WP page if set up) if they are not logged in. If the visitor is logged in, it will show them the image as requested.

    Hope that helps someone!

  • The topic ‘[Plugin: User Photo] Tip for members-only sites’ is closed to new replies.