Plugin request: media-vault
I have a question about the Commons from the Doctoral Theatre Student's Association. We're trying to work on that website where we could share pdfs and teaching materials. After looking at the security problems that you alerted us to, Jared Pike found the following plugin that apparently corrects this flaw. He was wondering if we could have access to it? We don't currently, but here is the link: https://wordpress.org/plugins/media-vault/. What would be the next step here if we wanted to put this on our Commons site?
#2 Updated by Boone Gorges over 4 years ago
- Subject changed from Security Issue Fix? to Plugin request: media-vault
- Category name changed from WordPress Themes to WordPress Plugins
- Status changed from Assigned to Reporter Feedback
Thanks for the message, Bess. I'm changing the subject line to clarify the purpose of the ticket somewhat - the privacy of uploaded files is not, strictly speaking, a security issue.
I've had a look at how media-vault works, and I don't feel totally confident about it. It makes on-the-fly modifications to our main .htaccess file, which is risky because it controls access to our site in a number of ways, and is not very good practice because that file is not currently writeable by the webserver. (Non-technical description: I'm not confident that media-vault will work with the Commons setup.)
Bess, have you looked at the plugin WP Document Revisions, already installed on the Commons? If your goal is to upload files that will only be available to a certain subset of logged-in users, I think it will probably suit your needs. Could I ask you to activate it on your site and test it, please?
#3 Updated by Boone Gorges over 4 years ago
- Status changed from Reporter Feedback to Rejected
Going to close this one due to lack of activity, and on the assumption that the WP Document Revisions plugin will do the trick. Bess, if you continue to have issues or questions, don't hesitate to leave a note here or in a new ticket.