Is there a common way to prevent users from bypassing the joomla/jdownloads permissions if they know the External File Link?
Thanks!
Hi
Yes there is.
Set 'Protect your Download-directory?' to yes. This adds an .htaccess file in the jD root directory that prevents direct access as the jd Root directory must appear in a direct link.
This .htaccess file consists of the statements:
'Options -Indexes' - which prevents it being shown as a directory,
and 'deny from all' which stops any external access.
Note the restricions however for videos and also if you do not use 'Send Downloads over PHP Script'.
Another security item is 'Activate Hotlinking protection?' This basically stops other web sites using your site to download a file, typically used for images and the like. This may cause your site a problem if you use absolute referencing (eg
http://www.yoursite.com/myimages/image.png) instead od relative referencing (eg /myimages/image.png).
'Block when the Browser does not send a Referrer?' is also useful.
Colin
EDIT I have split into a new topic with a more relevant title Colin