Support » Plugin: File Away » Requiring login for file access via direct links

  • birdie2000


    Is there a way to require that direct file links can only be accessed by a logged in user? While someone cannot access a folder within File Away without being logged in from what I can tell, if they have the direct file link it can still be accessed without being logged in. I am using woffice/buddypress and File Away for an extranet and would like to include internal documents for employee access, however this presents a security concern. Is this possible, either through wordpress/buddypress configuration, File Away itself, or through another plug-in used in conjunction with File Away?

    • This topic was modified 10 months ago by  birdie2000.
Viewing 4 replies - 1 through 4 (of 4 total)
  • wvanbusk


    It seems to me that Unix file permissions and web server configs, unless overridden by the plug-in in WordPress would prevent someone from accessing a direct file link. I’m not sure how the plug-in doe that. Have you read the install docs?

    Hi birdie2000, hi wvanbusk, did you solve this issue anyhow? I’ve the same problem. If someone finds out to a direct link to a document, he can get to it without beeing prompted for login.


    Most common is to setup Apache with a virtual host and config allow internal lan users. You could use a subdomain, different path for wordpress and the files and block external users in the firewall port forwarding. I’m not sure any other way is truly secure unless login is required for all wordpress users. Security is complex.

    Login is required for all WordPress users on the site in question, as far as I know.

    We have not figured out a resolution at this time. Our IT admin found a potential solution that did not pan out. I will ask him about the virtual host from wvanbusk and see if that would accomplish what we need.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Requiring login for file access via direct links’ is closed to new replies.