Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By sumoanand on
Hi,
My website's all uploaded files are there in 'file' folder.
The problem is that if someone knows the file name then he can directly download that file by typing www.mywebsite.com/files/abcd.wmv in the web browser.
Is there any way to restrict this in Drupal?
Thanks in advance,
Sumeet Anand
Comments
i believe you have to use
i believe you have to use the private download method in drupal.
administer -> settings -> file system settings
shift from public to private. this may adversely affect previous uploads.
you may also want to look into the filemanager.module which allows you to set a files folder above the public root.