PortalParts.com Site

 Forum Index > Geeklog > Filemgmt Plugin Support New Topic Post Reply
 Want to prevent anonymous access by filename
 |  Printable Version
 April 01 2004 04:57 AM  
Forum Full Poster
Full Poster

Status: offline

Registered: 03/28/04
Posts: 17

One other thing: it just occurred to me to mention that if you change the value of your $_CONF['cookie_session'] in config.php from the default of "gl_session", you'll need to use the corresponding value in the .htaccess example I gave above.

Profile Email Website PM
 June 27 2004 01:20 AM  
Forum Senior

Status: offline

Registered: 06/26/04
Posts: 41

please excuse my butting in here, but thought i'd add my 2 cents. if your user is logged in they can get to your files the proper way so lets talk about the not logged in guy who is trying to access your files.
the .htaccess can look like:

AuthType Basic
AuthName "no looky looky"
AuthUserFile "/path/to/.htpasswds/public_html/filemgnt_data/files/passwd"
require valid-user

so now ANyOne trying to access that dir or anything in it (from a browser) will only see a login screen. of course that means that you have to login again if you are a logged in user, so i guess your way is prolly better.

Profile Email Website PM
 September 22 2008 15:19 PM  
Forum Newbie

Status: offline

Registered: 09/22/08
Posts: 1

I just recently noticed this directory browsing problem in filemgmt (v 1.5.3, GL 1.4.1). Good idea with the .htaccess code, fixes that browsing loophole. The problem i have now is that the files that could previously be downloaded anonymously are no longer available (Apache denies access) Any way to have this work for both?

Thanks! (and will support)

Profile Email PM
Content generated in: 0.19 seconds
New Topic Post Reply

 All times are CST. The time is now 09:31 PM.
Normal Topic Normal Topic
Locked Topic Locked Topic
Sticky Topic Sticky Topic
New Post New Post
Sticky Topic W/ New Post Sticky Topic W/ New Post
Locked Topic W/ New Post Locked Topic W/ New Post
View Anonymous Posts 
Anonymous users can post 
Filtered HTML Allowed 
Censored Content