Support » Plugins » The files are public

Viewing 1 replies (of 1 total)
  • I am not a current user of PodPress. I think what PodPress does is post a URL which uses the Location header to forward the client to the actual MP3 file. This means that there is no protection on the file on the server.

    What you can do to change this is modify the .mp3 file in the podpress plugin directory; where it sends the Location header to forward the user to the file, change that and use PHP’s readfile() function to send the MP3 to the user through PHP. (The proper MIME type is also required using the Content-Type header.) Then you can use HTACCESS to block access to the mp3 files (through Apache) and you’ll be secure.

    Only a user using the PodPress URL (and I think PodPress authenticates them in pay mode) can download the file.

Viewing 1 replies (of 1 total)
  • The topic ‘The files are public’ is closed to new replies.