Securing Files in the Drupal Files Folder
vanderlip - May 17, 2009 - 11:24
| Project: | Secure Site |
| Version: | 6.x-2.3 |
| Component: | Code |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Description
I would like to check to see if I have the correct understanding of the Secure Site module. If I have the Drupal File system set to Public, and secure my entire site with Secure Site, Secure Site will NOT prevent the files in the Durpal files folder from the possibility of being accessed directly with the URL by anyone on the Internet. Do I understand correctly?
Thanks
#1
Yes.
#2
Is it possible to make Secure Site protect files in the Drupal folders? By this I don't just mean attachments to nodes, but also user avatars. Currently files like that are easily accessible to users without having to authenticate. Setting the file system to private doesn't seem to work.
I know it's not protected by default, I'm just asking how it could be done.
Thanks.
#3
bump.