Joomlatools Support Center
Protect direct downloading
Hi,
I created a login area using Joomla ACL. But the files can still be seen and downloaded when a user got the direct path/URL to files.
Can FILEMan manage to protect folders?
Best regards,
Robin
Answer
Hello Robin,
We are still discussing a bit what the exact behavior of FILEman 3 will be. Lets focus this on FILEman 2.
1. If you put an htaccess in the folder you will prevent direct access to your files from the browser.
2. The URL used by FILEman is not the direct location of the file. If you use the direct location Joomla or FILEman are not activated, it's your webserver who will serve you the file.
Instead FILEman will download the files for you, this allows FILEman to take additional permissions into account. You do not need to protect this folder, if you setup FILEman and the menu item linked to FILEman to be accessible only be registered users then your files will be 100% secure.
Does that help you ?
There are 9 more comments in this ticket.
Subscribe or login to join the discussion!