After a long day of struggling with various .htaccess solutions (none of which I could get to work at all in WordPress multisite), I had the wonderful idea to ask for help from the wp-edu listserv and within minutes, Daniel Bachhuber responded with a perfect solution.
But maybe I should have started with the problem. (Let’s do it as a theoretical). A professor has a class site in a WordPress install. That professor has permission from the copyright holder (or has the right under fair use) to share a journal article with her class as a PDF. She does NOT have the right to share that journal article with the entire internet. So she scans the article to a PDF, uploads it to her WordPress install, and links to it on a page that is password-protected, giving the password only to the students (and changing it at the end of the semester) so nobody else can access that page.
The problem is that while the page where the link sits is password-protected, the file itself is not. So anyone with the direct URL to the file can download it instantly, without knowing the password at all. What makes matters worse, google (and others) indexes the content of PDFs quite commonly, so even an attempt at security by obscurity of the filename is bound to fail. Anyone googling for the author’s name, or any of the terms in the journal article, would find a quick and easy link directly to the file, which the professor is now, in violation of copyright, giving away free to one and all (I’m not going to get into a discussion at this point of the overall ethics of copyright and whether or not that journal article “wants” to be free).
Extensive searching, extensive trial and error, over an extensive time had left me unable to solve this problem. But Daniel Bachhuber’s suggestion is a simple and beautiful plugin, Ben Balter’s WP Document Revisions. I admit I had come across this suggestion in my googling, but I rejected it without really thinking it through, on the grounds that I didn’t need “document revisions.” Silly me.
The plugin (which works fine and dandy in multisite, although I do recommend the network-admin add-on from the Code Cookbook) with a very simple interface, lets you set the upload directory outside the document root of your site, not accessible to any outsiders, and then it totally respects your password and beautiful permalinks.
It does much more, as a document workflow solution (sort of an open-source alternative to –ugh– sharepoint, in fact). But just for this little purpose, it’s quite nice. Highly recommended!