• Resolved limogin

    (@limogin)


    It is there a way to protect files from quotes, contacts to download from non-logged users? The url download link are public and the data contained can be sensitive.


Viewing 3 replies - 1 through 3 (of 3 total)
  • Hi @limogin ,

    It is there a way to protect files from quotes, contacts to download from non-logged users? The url download link are public and the data contained can be sensitive.

    Can you let us know which URL download link you’re referring to?

    Which invoices, etc, do you mean? There shouldn’t be any publicly viewable content – either a user has to have admin access to view the WP Admin/CRM Admin, or a Client Portal user in order to view their own invoices, etc. In both cases they have to log in.

    Best,

    Cena

    Thread Starter limogin

    (@limogin)

    For example, documents that you can link to a quote. They are currently publicly accessible and may contain sensitive information.

    Plugin Support Stef (a11n)

    (@erania-pinnera)

    Hi there, @limogin,

    First off, apologies for the late reply! As for your question, anyone with that URL can indeed access files like quotes if the URL is known (meaning that people cannot download it unless they know the exact URL).

    However, restricting access is a feature request we already have forwarded to our tech team, I’ve added your +1 on this.

    In the meantime, I recommend leveraging?Client Portal, through which, no one can access the files apart from the CRM admin and the contact whose files are related to.

    As a rule of thumb, we’d suggest using something more secure like AWS S3 for sensitive content.

    Hope that helps!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘protect files’ is closed to new replies.