Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

File Download Security

Go to End

4 Posts   1509 Views

Eddie Stevens

Community Member, 2 Posts

31 March 2010 at 8:24pm

It is great that SilverStripe can restrict access to individual pages based on group membership, but is there any way to restrict access to files based on group membership? For example, I would like to have a Members Only section for my organization. On that page I would like to put a link to a membership roster that is in PDF format. I know I can restrict access to the page that has the link, but if someone types in the URL for the attachment directly they will have immediate access to the file. Is there a way to control access?


Community Member, 81 Posts

1 April 2010 at 4:40am


Community Member, 1 Post

20 April 2010 at 10:55am

Wouldn't it be easier just to use .htaccess file and use Basic authentication? What is the additional benefit from using silverstripe Users?

Eddie Stevens

Community Member, 2 Posts

20 April 2010 at 12:47pm

With .htaccss you would have to maintain two user databases; in my case I am dealing with about a hundred users broken up into five groups. Each group needs access to different files. Maintaining .htaccess accounts and SilverStripe accounts for all users would be a nightmare.