diff --git a/.htaccess b/.htaccess
index 80f0908..128c7ae 100644
--- a/.htaccess
+++ b/.htaccess
@@ -65,7 +65,7 @@ ExpiresByType text/javascript "access plus 1 year"
 # You can try replacing the FilesMatch directive by this one
 # <FilesMatch "(index|feed)\.php">
 # If helps for Sony PRS-TX and Aldiko, beware fetch.php can be accessed
-# with authentication
+# with authentication (see $config ['cops_fetch_protect'] for a workaround).
 ###########################################
 #<FilesMatch "\.php$">
 #AuthUserFile /path/to/file
diff --git a/config_default.php b/config_default.php
index ee31a83..c367bc9 100644
--- a/config_default.php
+++ b/config_default.php
@@ -246,3 +246,13 @@
      * - publisher
      */
     $config ['cops_ignored_search_scope'] = array ();
+
+    /*
+     * If you use a Sony eReader or Aldiko you can't download ebooks if your catalog
+     * is password protected. A simple workaround is to leave fetch.php not protected (see .htaccess).
+     * But In that case your COPS installation is not completely safe. 
+     * Setting this parameter to "1" ensure that nobody can access fetch.php before accessing
+     * index.php or feed.php first. 
+     * BEWARE : Do not touch this if you're not using password, not using PRS-TX or not using Aldiko.
+     */
+    $config ['cops_fetch_protect'] = "0";
diff --git a/feed.php b/feed.php
index 80450aa..62b295c 100644
--- a/feed.php
+++ b/feed.php
@@ -23,6 +23,13 @@
         $page = Base::PAGE_OPENSEARCH_QUERY;
     $qid = getURLParam ("id");
 
+    if ($config ['cops_fetch_protect'] == "1") {
+        session_start();
+        if (!isset($_SESSION['connected'])) {
+            $_SESSION['connected'] = 0;
+        }
+    }
+
     $OPDSRender = new OPDSRenderer ();
 
     switch ($page) {
diff --git a/fetch.php b/fetch.php
index 5bf06b5..a3b7b2a 100644
--- a/fetch.php
+++ b/fetch.php
@@ -17,6 +17,14 @@ function notFound () {
     $_SERVER['REDIRECT_STATUS'] = 404;
 }
 
+    if ($config ['cops_fetch_protect'] == "1") {
+        session_start();
+        if (!isset($_SESSION['connected'])) {
+            notFound ();
+            return;
+        }
+    }
+
     global $config;
     $expires = 60*60*24*14;
     header("Pragma: public");
diff --git a/index.php b/index.php
index 505f848..f19bf19 100644
--- a/index.php
+++ b/index.php
@@ -44,6 +44,13 @@
         $test = Base::getDb ();
     }
 
+    if ($config ['cops_fetch_protect'] == "1") {
+        session_start();
+        if (!isset($_SESSION['connected'])) {
+            $_SESSION['connected'] = 0;
+        }
+    }
+
     header ("Content-Type:text/html;charset=utf-8");
 ?><!DOCTYPE html>
 <html xmlns="http://www.w3.org/1999/xhtml">
@@ -55,6 +62,8 @@
     <link rel="apple-touch-icon" sizes="72x72" href="./icons/icon72.png" />
     <link rel="apple-touch-icon" sizes="114x114" href="./icons/icon114.png" />
     <link rel="apple-touch-icon" sizes="144x144" href="./icons/icon144.png" />
+    <meta name="msapplication-TileColor" content="#123456"/>
+    <meta name="msapplication-TileImage" content="./icons/icon144.png"/>
 
     <title>COPS</title>