WordPress.org

Forums

Membership
[resolved] Download urls not being masked (7 posts)

  1. joshuaiz
    Member
    Posted 1 year ago #

    Trying to get urls to be masked and nothing seems to be working.

    Protection method: Complete (tried Basic and Hybrid although my web server runs Apache)
    Uploads location: wp-content/uploads (but in month and year folders)
    Protected groups: default, protected (each on one line)

    The uploaded file has been assigned to the 'protected' group ('default' was tried as well).

    I've looked at this thread:

    http://wordpress.org/support/topic/membership-not-properly-masking-media-location-for-content-linked-in-posts

    I'm uploading a PDF file to a post in a custom post type using the Media Uploader.

    WP 3.8.1/Membership 3.4.4.1

    Thanks.

    http://wordpress.org/plugins/membership/

  2. Hi there @joshuaiz,

    Hope you're well today and thanks for your question.

    This should work for you.

    1: Go to Dashboard > membership > URL Groups, create a new URL group make sure you add the masked download URL from 2: to the URL group.

    2: Go to Dashboard > membership > options > downloads / media tab select 'complete' protection. check the masked URL leave as default. select the URL group you have just created.

    3: Go to Dashboard > membership > access levels, add/edit your free level (or premium, depends on whether you use negative or positive rules? Add the downloads to your negative rule (or whichever you use). Then select the protected url group you just created.

    4: When you add your media (or edit media). You should now be able to add it to the protected url group. That's it, now when you add the media and select the protected group, the url will be protected for your download :)

    Thanks!

    Kind Regards
    Jack.

  3. joshuaiz
    Member
    Posted 1 year ago #

    **Update: looks like I got it working **

    Actually the URL group is not necessary. All you need is the Protected Content Group set up in Dashboard > Membership > Options > Downloads/Media

    What seems to be happening is that when I upload a file from the default WP uploader and select the Content Group there from the Upload screen it is not "sticking". I had to go to Media Library > [My File] > Edit and add the Content Group there manually for this to work.

    I will keep an eye on this and see if it is repeatable. Leaving this topic open as well.

  4. joshuaiz
    Member
    Posted 1 year ago #

    Just as a follow up (and feature request) it would be great to be able to specify my own uploads folder within Membership. Thus I could use a separate folder for protected uploads versus regular wordpress uploads.

    Even changing the default WP uploads directory location and name is really no protection at all because any images uploaded through the uploader (for posts and pages) will have their URLs visible on the web and thus someone can guess the upload folder structure from that.

    I have a function that works for assigning a different upload folder for each custom post type. Ideally to have Membership be able to also map these and mask the urls for each would be ideal.

    I spent several hours searching for a php function or htaccess directive to remap a directory outside of the web root to mask urls with no luck. That said, some plugins do this: cart66 is one - the "Products" folder for digital downloads can be outside of the web root and you just enter the full path and it works beautifully. MP3 jPlayer is another - you can select the default audio file folder to be outside of the web root.

    If you have any suggestions on how to best cloak the upload folder location, I'm all ears.

  5. David
    WPMU DEV Support Staff
    Posted 1 year ago #

    Hi @joshuaiz,

    Thanks for your feedback and feature request. Incidentally, the topic's been brought up before in our premium forums, for example here:
    http://premium.wpmudev.org/forums/topic/how-do-i-protect-urls-like-pdfs

    Currently, the plugin just "masks" files for protection. Though we base our developments on member concerns, generally through our feature suggestion forums. The move voice we hear from them, the more things get changed! :)

    Cheers,
    David

  6. joshuaiz
    Member
    Posted 1 year ago #

    Yes I have those .htaccess rules in place. But being able to put the folder outside of the web root is most secure solution.

  7. David
    WPMU DEV Support Staff
    Posted 1 year ago #

    Hi @joshuaiz,

    Thanks for your thoughts on that. Unfortunately, that's not something the plugin is currently designed to handle. Though I'm sure we'll be looking to add that in a future version.

    Cheers,
    David

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Membership
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic