[TYPO3-dam] Secure File Management?
Xavier Perseguers
typo3 at perseguers.ch
Tue Jun 24 09:59:06 CEST 2008
Hi,
> maybe I see things too easy, but why don't just place a index.html file
> in the folder you want to protect? So no one can see the files by
> referring to the folder. Only linking to the exact file name will show
> the requested file.
> To make things even better instead of a index.html you also could use a
> index.php with a redirect to an other url.
This is however not secure at all. You only hide files (btw you should
remove directory listing altogether in Apache) but you do not prevent
someone who knows the file name to access it without being authenticated.
Securing a directory means you *must* be authenticated to access the file.
Cheers
Xavier
More information about the TYPO3-project-dam
mailing list