WordPress.org

Plugin Directory

s2member Secure File Browser

The best way to share files securely with your clients, customers, friends and community.

s2Member secure files are always directly downloadable, how can I protect them by forcing php handling ?

It is recommended to add a deny from all directive in your httpd.conf for your s2member-files directory in order to avoid people directly access your protected files. Do not put the deny directive in the s2member-files/.htaccess because this file is always regenerated by s2member and your modifications are always overwritten.

Why s2member-files/.htaccess is not displayed ?

Even if you set shortcode option hidden to 1, .htaccess will never been displayed.

Are directories `access-s2member-level*` protected if they are not in the root directory ?

Yes ! And access-s2member-ccap* too !

The browser does not work, it displays `Invalid nonce` for registered users.

The authentication on your website is broken because of a plugin (AJAX requests not correctly handled). This behaviour is correct and it is protecting your files ! It happens for example when your authentication is only performed in a HTTPS form and the navigation is done in HTTP. If you use the WordPress HTTP plugin from http://mvied.com/projects/wordpress-https/ for example, you have to force HTTPS on each page which includes the s2member Secure File browser.

How to handle the `s2member-files/app_data` windows directory ?

In windows installations, put all files in s2member-files\app_data instead of s2member-files directory.

Requires: 3.3 or higher
Compatible up to: 4.2.4
Last Updated: 2015-5-23
Active Installs: 600+

Ratings

5 out of 5 stars

Support

Got something to say? Need help?

Compatibility

+
=
Not enough data

0 people say it works.
0 people say it's broken.

100,1,1 100,1,1 100,1,1 100,1,1
100,1,1 100,1,1 100,1,1 100,1,1 100,1,1 100,1,1 100,1,1 100,2,2 100,1,1
100,1,1
100,1,1
100,2,2 100,1,1 100,1,1
100,1,1 100,1,1
100,1,1
100,1,1
100,1,1 100,1,1
100,1,1