How to make uploads available only to logged-in users


I want to use Nginx to protect the directory, and I found discourse-auth-proxy .

How to configure nginx to require users to log in before they can access the directory?

What do you mean by “the directory” here?

I don’t think that does what you think it does.

What are you trying to do, exactly?

Do you want Discourse to be protected by BASIC auth before a user can see it?

for example:

I posted in this post

Guest users can see this post, But if download 111.txt, the guest user must log in.

/aaa/111.txt provided by nginx.

I have try Discourse SSO in Nginx , Seems to have failed.

I changed the subject to “How to make uploads available only to logged-in users” – That’s what you’re trying to do, right?

From discourse-auth-proxy:

That’s not going to do anything like what you describe. It will allow you to protect another site using Discourse as the authentication point.

If what you want to do is make uploads visible only to people who are logged in, you can see Secure Media Uploads.

But, I don’t know of a way that you can have a post be visible but have uploads in it not be available to those who can see the post.
EDIT: But now I remember one!

1 Like


prevent anons from downloading files

Prevent anonymous users from downloading attachments.

Would that be any use?

1 Like