I have two projects where the entire site’s contents are only available to logged in users. These users can share documents and files.
Is there a best practice for handling a situation like this?
Is there a way I can make Apache serve the files, instead of Mongrel, but also make sure the files are only available to certain users?
You need to add the xsendfile module to Apache and then use some header magic to send out the file.
Naturally, any links to relevant articles would be much appreciated.
Peter De Berdt