Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

DataObjectManager Module /

Discuss the DataObjectManager module, and the related ImageGallery module.

Moderators: martimiz, UncleCheese, Sean, Ed, biapar, Willr, Ingo, swaiba

SWFUpload and htaccess password protected site

Go to End

3 Posts   2944 Views


Community Member, 70 Posts

17 October 2009 at 11:27pm


I'm trying to let a client upload their images on a prototype version of their site that is blanket protected by htaccess in the root folder.

However SWFUpload fails with a 401 (not authorized), because it doesn't pass the logged in details.

Is there anyway for me to protect a site from access but still allow the admins to upload files?

I've tried only protecting the sapphire folder but it still fails.


Forum Moderator, 4102 Posts

18 October 2009 at 5:19am

SWFUpload will not work with secure or password protected connections because the Flash request starts a new session. You need to make sure the upload_url, which I believe is /FileDataObjectManager_Controller/handleswfupload, is open to the public. You can get the exact url by setting SWFUploadConfig::debug(); and looking in the debug window.


Community Member, 70 Posts

19 October 2009 at 12:35am

Thanks UncleCheese - I thought it'd be something to do with the Flash element (it has the same problem in Rails!).

Do you (or anyone) know how to turn off htaccess protection for a single folder when the whole site is protected?