News:

Dear forum visitors, if the support forum is not available, please try again a few minutes later. Thanks!

Main Menu
Support-Forum

Prevent direct access to Downloads

Started by eric, 28.06.2018 23:19:57

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

eric

28.06.2018 23:19:57 Last Edit: 29.06.2018 10:37:24 by ColinM
Is there a common way to prevent users from bypassing the joomla/jdownloads permissions if they know the External File Link?

Thanks!
  •  

ColinM

#1
29.06.2018 10:35:08 Last Edit: 29.06.2018 10:42:51 by ColinM
Hi
Yes there is.
Set 'Protect your Download-directory?' to yes.  This adds an .htaccess file in the jD root directory that prevents direct access as the jd Root directory must appear in a direct link.
This .htaccess file consists of the statements:
'Options -Indexes' - which prevents it being shown as a directory,
and 'deny from all' which stops any external access.
Note the restricions however for videos and also if you do not use 'Send Downloads over PHP Script'.

Another security item is 'Activate Hotlinking protection?'  This basically stops other web sites using your site to download a file, typically used for images and the like. This may cause your site a problem if you use absolute referencing (eg http://www.yoursite.com/myimages/image.png) instead od relative referencing (eg /myimages/image.png).

'Block when the Browser does not send a Referrer?' is also useful.
Colin

EDIT I have split into a new topic with a more relevant title  Colin
Colin M
  •  
Print
Go Up Pages1
User actions