On my site, I have a “resource” page where I have uploaded some documents using the “media” tab. I have uploaded various .pdf files for quick access by clients and staff. When a client clicks on the .pdf, it leads them to:
The problem is, if someone removes the “/example.pdf” it leads them to:
And now they can access the index of all of my media uploads which includes my logo, pictures and other things I do not want users to access.
Any ideas on how I can restrict access to this with people simply deleting the end of the extension?