Menu Content

Support

> Forums, FAQs & Paid Support
Welcome, Guest
Username Password: Remember me

Can open ACL protected files without logging in
(1 viewing) (1) Guest
Document management system (DMS) component for Joomla!

NOTE: This category has been locked. If you have purchased paid version, please, use our Support Ticket system instead. If you are using free edition, please see the Community Support section.
  • Page:
  • 1

TOPIC: Can open ACL protected files without logging in

Can open ACL protected files without logging in 12 years, 11 months ago #26337

Hi,

I have an issue where i have uploaded files to a folder - both the folder and the files within the folder have had the permissions set so they can only be accessed when a user logs in.

There is no problem when using the Joomla search function, but we want to send a direct link to the document i.e domainname/documents/foldername/documentname and using this link anyone can access the document without logging in.

Is there something i can do in Joomdoc to combat this from happening as it defeats the object of having ACL applied to the documents.

Hope someone can help,
Thanks.
The topic has been locked.

Re: Can open ACL protected files without logging in 12 years, 11 months ago #26338

  • jitr
  • OFFLINE
  • ARTIO Support
  • Posts: 1432
Hello, component cannot control directly link to the file system.

The best way is protected it by server tools. For example .htaccess restrictions.
ARTIO Support Team
The topic has been locked.

Re: Can open ACL protected files without logging in 12 years, 11 months ago #26339

Thank you for the very quick response.

I'm hoping you might be able to spare 5 minutes and help to advse me in regards to the .htaccess file as to how i would restrict access to folders to the public, or if you have any links that you could share with me?

Thanks in advance.
The topic has been locked.

Re: Can open ACL protected files without logging in 12 years, 11 months ago #26350

  • jitr
  • OFFLINE
  • ARTIO Support
  • Posts: 1432
Create in root folder file .htaccess and place here Deny from all
ARTIO Support Team
The topic has been locked.
  • Page:
  • 1
User Login Empty