Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By stephtek on
Is there a way to make the sites/default/files/ directory and files inside it blocked for anonymous users?
Comments
Hmm still looking for
Hmm still looking for assistance on this.
2 options
2 options
Go to /admin/settings/file-system
Change the download method to 'Private - files are transferred by Drupal.'
or
If you use Apache webservers and you have full root access then you can create a .htaccess file with appropriate content.
Then add it to appropriate directory.
That will prevent files from being directly accessed.