Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

URGENT securing folder


Reply


3 Posts   326 Views

Avatar
ppahpp

Community Member, 3 Posts

21 November 2013 at 12:37am

hi guys
i have an embeded flash program that i need to be in a protected folder to limit access to it. the problem is that the flash program calls up assets from a sub folder.
a standard htaccess restriction works (see code below). but how do i link that to the ss directory of members.
i did try a module i had used previously, which uses a more sophisticated method. however the flash program although it seems to load, its access to its assets looks denied.

help me please before i loose my mind

#---------htaccess file--------------------
AuthUserFile .htpasswords
AuthName "Members Only"
AuthType Basic
Require valid-user
#---------------------------------------------

Avatar
Mo

Community Member, 510 Posts

21 November 2013 at 4:40am

Hi ppahpp

I am guessing you mean that you want to restrict access to your flash application to only "members" from your silverstripe install?

In which case, can't you create a custom template that loads the flash file into a page, then restrict access to the page via the CMS (so only logged in users can see it).

You could probably then use a module like https://github.com/hamishcampbell/silverstripe-securefiles (that is for 2.4, but I am pretty sure there are 3.0 versions out there too) to restrict access to the assets folder?

Otherwise I think you would have to find a way to push your members database to local server password store (that .htpasswords), which is not something I would know how to do.

Not sure if that makes sense, or if I am understanding you correctly?

Mo

Avatar
ppahpp

Community Member, 3 Posts

22 November 2013 at 3:47am

you geussed right, id want to restrict acces to the flash program.
I had the same idea about using secure files. i have been trying but because of silverstripe forces the security through the below .htaccess code, it seems not to grant access to the flash file. While logged in or even ask to log in .

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteRule (.*) sapphire/main.php?url=%1&%{QUERY_STRING} [L]