Protect a sub-directory containing a web app

Is it possible to restrict access (to level 0, 1, 2 …) to a sub-directory containing a collection of html/php files which constitute a web app?

I’d like to run a dokuwiki only available to s2level0/1 members. I don’t wish to share user accounts between WP and the dokuwiki. I just want the wiki to run standalone for those I wish to have access.
I’d also like to protect min-apps like TumultHype documents, Hot Potatoes files, small custom web apps that I build, etc that don’t have any user accounts associated.

Basically I’d just like s2member to protect the directory these apps live in.
URI Restrictions don’t seem to do the trick (although perhaps I just don’t understand how they work).
File download restrictions don’t seem to allow this either as they are designed for single files.
I think the solution would be for s2member to protect the directory via htaccess, but I don’t know enough about how to achieve that.

I’m building a language teaching site, and these mini-apps protected in some way would be critical to a commercial venture. One application might be a custom audio/visual dictionary of vocational jargon and technical terms, with associated test questions. Another purpose might be a custom Flash application with assets.

Any suggestions will be greatly appreciated.

Mike Smith

Hello Mike,

You might be interested in this article:
Knowledge Base » Protecting Non-WordPress Content with s2Member

Hope this helps. :)

Hi Eduan,

Thanks for that. Yep that does work for simple web apps, single html pages that can be changed to php files, or applications that serve through a single php page, however…

In the case of DokuWiki if I add that include code then somewhere downtrack a function is called twice:
Fatal error: Cannot redeclare is_ssl() (previously declared in /home/ima21534/public_html/wp-includes/functions.php:3699) in /home/ima21534/public_html/dokuwiki/inc/init.php on line 478

I’m not sure I can debug that, nor what the consequences might be for dokuwiki or other standalone web-apps

In the case of Tumult Hype documents it is feasible, requiring the addition of code to the Hype template. Similarly so for Hot Potatoes. However this is hugely tedious as these files could be contributed by dozens of teacher authors. There may be literally thousands of Hot Potatoes html sub-files making up an application, and typically any of these html files could be the entry point to the application.

So I would need to retrofit hundreds perhaps thousands of files, and again if they are modified by the contributing authors.

It would be far simpler to just protect the directory than modify the contained files.

Previously I worked with Moodle 1.9, and this allowed me to set up access to sub-directories’ contents according to valid enrolments to courses. These sub-directories were outside the public_html folder, with Moodle allowing access rather than denying-and-then-controlling as s2member is doing now. This was very convenient for protecting standalone web apps as I describe. Unfortunately this is no longer possible with Moodle 1.9 being replaced with 2, so I’m building my own LMS with WordPress and S2member – which in fact provides a much better experience.

These web apps in the protected folder would be served in iframes within either WordPress pages or, quite likely, shadowbox modals so I can control/direct the learner experience. They might also be served standalone as mobile web apps as well. All these learning/teaching web apps are assets that could be sold and/or distributed separately so I’d like not to have to modify them individually.

Shouldn’t it be possible to define access to a sub-directory, perhaps using htaccess, that checks s2membership level?

Thanks again,
Mike Smith

Hmm, there isn’t a way to restrict access to a folder except with download restrictions, which are inside WordPress.

Have you thought about using a cloud server like Amazon S3 or something along those lines, s2Member integrates with some clouds, you might be able to restrict the folder and make it run from there.

Hope this helps. :)