diff --git a/README b/README index 7562199811..f5b559e73d 100644 --- a/README +++ b/README @@ -755,6 +755,10 @@ private site, but users of the private site may be able to subscribe to users on a remote site. (Or not... it's not well tested.) The "proper behaviour" hasn't been defined here, so handle with care. +If fancy URLs is enabled, access to file attachments can also be +restricted to logged-in users only. Uncomment the appropriate rewrite +rule in .htaccess or your server's httpd.conf. + Upgrading ========= diff --git a/htaccess.sample b/htaccess.sample index 91ae9da9be..373108c816 100644 --- a/htaccess.sample +++ b/htaccess.sample @@ -5,8 +5,8 @@ RewriteBase /mublog/ - # If your site is private and want to only allow logged-in users to - # be able to download file attachments, uncomment this rule. + # If your site is private and want access to file attachments + # restricted to logged-in users only, uncomment this rule. # # If you have a custom attachment path # ($config['attachments']['path']), change "file/" to match.