Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

[solved]Privacy of Login Areas

Go to End

2 Posts   1042 Views


Community Member, 21 Posts

10 March 2009 at 5:47am

Edited: 11/03/2009 1:35am

I would like to discuss the following scenario:
There is a website with an area which could only be seen in the frontend when logged in. Kind of restricted area. There the CMS will offer private pictures and documents - some of it for download.

Since silverstripe supports friendly urls one confidential picture for example could be reached at:
The content is secured by login, but the URL for the pic could be reached. I think this is not what most people want.

What is best praxis avoid this? Especially with the URL-rewriting URLs could get guessable.

Thanks for reply.


Forum Moderator, 5521 Posts

10 March 2009 at 9:21pm

to protect the files you could try the secure files module - never used it but based on the title it sounded like a good place to start