WordPress.org

Ready to get started?Download WordPress

Forums

Download Monitor
File location still accessible (3 posts)

  1. robcwright
    Member
    Posted 3 years ago #

    I'm trying to figure out how to totally prevent non-logged in users from having access to a file. It appears that download monitor is simply creating its own url that it can control access to then passing on the request, after the user has been auth'd, to the original file location. For example, domain.com/custom_url/filename.pdf is controlled by download manager and is only accessible to logged in users. Perfect. However, that url simply redirects to wp-content/uploads/downloads/year/month/filename.pdf which is still an accessible url. Member only file checks to see if they are logged in and force download makes it look like the file is coming from the download monitor url, but the original file is still available. Any way to lock out the ability to get to the original file?

    http://wordpress.org/extend/plugins/download-monitor/

  2. Mike
    Member
    Posted 3 years ago #

    Host the file about your public/html / www directory, and use the force download option. Then the only way to the file is through the plugin.

  3. rjksn
    Member
    Posted 3 years ago #

    I wanted the same thing, and don't feel too comfortable having it in the generic WP structure.

    I read somewhere that there was the ability to modify the file path, say put the files in a directory with a 40 character string.

    As an example.
    wp-content/uploads/downloads/year/month/filename.pdf
    to
    wp-content/uploads/vn5Yj5nMwbBmYScK87sRzH6eTyKr6nQttRtCB3s4/year/month/filename.pdf

    It's not on your page though.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic