Jump to:

21309 Posts in 5738 Topics by 2603 members

General Questions

SilverStripe Forums » General Questions » [solved]Privacy of Login Areas

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Howard, Sean, Ryan M., biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 714 Views
  • slamby
    Avatar
    Community Member
    21 Posts

    [solved]Privacy of Login Areas Link to this post

    10 March 2009 at 5:47am Last edited: 11 March 2009 1:35am

    I would like to discuss the following scenario:
    There is a website with an area which could only be seen in the frontend when logged in. Kind of restricted area. There the CMS will offer private pictures and documents - some of it for download.

    Since silverstripe supports friendly urls one confidential picture for example could be reached at:
    http://www.myhost.com/assets/Uploads/NOT-FOR-YOUR-EYES.png
    The content is secured by login, but the URL for the pic could be reached. I think this is not what most people want.

    What is best praxis avoid this? Especially with the URL-rewriting URLs could get guessable.

    Thanks for reply.
    S.

  • Willr
    Avatar
    Forum Moderator
    5173 Posts

    Re: [solved]Privacy of Login Areas Link to this post

    10 March 2009 at 9:21pm

    to protect the files you could try the secure files module - never used it but based on the title it sounded like a good place to start

    http://silverstripe.org/installing-silverstripe/show/254742

    714 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.