I am having a problem with a project I am working on at the minute.
Basically, I have a site set up with multiple levels of user access. This is all working fine, but there are a lot of files uploaded through the media plugin, which I want to protect from unauthorized users. The problem is, if the user knows the directory and name of a file, they can put that into the browser and the file will open (without authorization).
I was thinking about using .htaccess to protect the folder, and have a PHP script automatically log authorized users through the apache login, but I have no idea where to start, and can't seem to find any useful information by Googling. I am fairly new to htaccess, so any advice would be useful.
The other option I can see is to use htaccess for all security instead of the current login system, but I can't find information on multiple levels of security this way.
Any information would be greatly appreciated. Thanks in advance.