Direct download security

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi unfortunately this plugin does not have that capability at the present.

    Kind regards

    Thread Starter TouchWebUK

    (@touchwebuk)

    Can people type in the url directly to a file (in wp-content / media upload)?

    Maybe after Google has indexed the file?

    Plugin Contributor mbrsolution

    (@mbrsolution)

    What do you mean? Can you please explain?

    Thank you

    Thread Starter TouchWebUK

    (@touchwebuk)

    Sure.

    This is my site – https://www.touchwebdesign.com

    Imagine if I uploaded a sensitive test.pdf to my site. It would go into uploads folder.

    I could password protect the link to the PDF, make the filename hard to guess, but if Google indexed the file or someone knew the location of the PDF, they could bypass all the security with one click eg. https://www.touchwebdesign.com/wp-content/uploads/2016/01/test.pdf

    Using S3 is one option – there has to be a token access key before it is allowed to be downloaded. The access key is not accessible without being logged in.

    What is stopping people sharing the link to the file via Facebook?

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi thank you for the explanation. Unfortunately this plugin does not have the extra security settings that you are looking for.

    You might like to check the following plugin eStore.

    Thread Starter TouchWebUK

    (@touchwebuk)

    Thanks for the tip. eStore looks perfect.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    You are most welcome ??

    If you don’t need any more help with this support thread can you mark it as resolved.

    Thank you

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Direct download security’ is closed to new replies.