22427 Posts in 6976 Topics by 2750 members
|Go to End|
10 March 2009 at 5:47am Last edited: 11 March 2009 1:35am
I would like to discuss the following scenario:
There is a website with an area which could only be seen in the frontend when logged in. Kind of restricted area. There the CMS will offer private pictures and documents - some of it for download.
Since silverstripe supports friendly urls one confidential picture for example could be reached at:
The content is secured by login, but the URL for the pic could be reached. I think this is not what most people want.
What is best praxis avoid this? Especially with the URL-rewriting URLs could get guessable.
Thanks for reply.
10 March 2009 at 9:21pm
to protect the files you could try the secure files module - never used it but based on the title it sounded like a good place to start
|Go to Top|