This issue came up with the /wizbif directory, because users really shouldn't be able to access anything in this directory unless they are logged in. However, the Apache-PHP model doesn't handle this case very well; the only way I know is to pass all requests through a PHP file like auth_file.php which verifies the user and then serves the static content manually. So we should either find a good PHP package to serve static content, or wait until someone migrates the server code to something like NodeJS (which handles this case very well) to implement this feature.
This issue came up with the
/wizbif
directory, because users really shouldn't be able to access anything in this directory unless they are logged in. However, the Apache-PHP model doesn't handle this case very well; the only way I know is to pass all requests through a PHP file likeauth_file.php
which verifies the user and then serves the static content manually. So we should either find a good PHP package to serve static content, or wait until someone migrates the server code to something like NodeJS (which handles this case very well) to implement this feature.