This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

File Download Security

4 Posts 1640 Views

Eddie Stevens

Community Member, 2 Posts

31 March 2010 at 8:24pm

It is great that SilverStripe can restrict access to individual pages based on group membership, but is there any way to restrict access to files based on group membership? For example, I would like to have a Members Only section for my organization. On that page I would like to put a link to a membership roster that is in PDF format. I know I can restrict access to the page that has the link, but if someone types in the URL for the attachment directly they will have immediate access to the file. Is there a way to control access?

lerni

Community Member, 81 Posts

1 April 2010 at 4:40am

http://silverstripe.org/secure-files/

DoubleBass

Community Member, 1 Post

20 April 2010 at 10:55am

Wouldn't it be easier just to use .htaccess file and use Basic authentication? What is the additional benefit from using silverstripe Users?
Thanks!

Eddie Stevens

Community Member, 2 Posts

20 April 2010 at 12:47pm

With .htaccss you would have to maintain two user databases; in my case I am dealing with about a hundred users broken up into five groups. Each group needs access to different files. Maintaining .htaccess accounts and SilverStripe accounts for all users would be a nightmare.

Return to top