[TYPO3] fileadmin why is it not secure?

[Adam Wilson]

As I thought that fileadmin is where you put all of the files that are
to be web resources, it would seem counter intuitive that access to
*all* of the files there is restricted.

However, depending on your web server and configuration options, you
could create folders that are secured (requiring all users to
authenticate to access the resources there) so that the casual user
would not have access.  You could then define a process that either:
updates the folder access permissions, (I am thinking on Apache, you
could update .htaccess) or allows typo3 to act a proxy engine to access
the files (I am still fairly new to typo3 and unaware of it's ability to
already do so if it exists).

I don't have any specific examples of how to accomplish either of these
ideas, but wanted to throw them in for thought.

Adam

-> -----Original Message-----
-> From: typo3-english-bounces at lists.netfielders.de [mailto:typo3-
-> english-bounces at lists.netfielders.de] On Behalf Of Pete Novak
-> Sent: Thursday, July 12, 2007 11:39 AM
-> To: typo3-english at lists.netfielders.de
-> Subject: [TYPO3] fileadmin why is it not secure?
-> 
-> Hi all,
-> 
-> what I am wondering is, that all the files in the fileadmin folder
are
-> accessible for all.
-> You just need to type the URL of what you want , and then you can
-> download
-> it.
-> 
-> How can i make my fileadmin dir secure that only TYPO3 can acess
files
-> there?
-> I also want to make it secure in that way, that _nothing_ can be
-> downloaded
-> byjust typing the url to get mp3, pdf or other documents.
->  I want _only_ to allow _authenticated_ BE or FE users to get access
-> to a
-> certain folder in fileadmin to download things.
-> 
-> any suggestions or Howtos on that?
-> 
-> Thanks
-> 
-> 
-> _______________________________________________
-> TYPO3-english mailing list
-> TYPO3-english at lists.netfielders.de
-> http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-english