close ad
Databridge V2 with MySQLi support IS Now Available!
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

SecurityAssist to secure entire folder rather than specific page?

Thread began 6/14/2021 7:30 am by Justin@AdventDesign | Last modified 6/16/2021 9:08 am by Ray Borduin | 44 views | 11 replies |

Justin@AdventDesign

SecurityAssist to secure entire folder rather than specific page?

It's been quite a while since I manipulated anything directly in SecurityAssist, so I'm not sure how to go about this. Client needs some uploaded documents secure and only accessible by users who are logged in and meet a user level threshold.

Is there an easy way to apply a SecurityAssist rule to an entire folder rather than individual pages? The folder will contain mostly PDFs so I can't go through and manually insert code to require authentication on each PDF.

Sign in to reply to this post

Ray BorduinWebAssist

There is no way to secure non-php pages with SecurityAssist.

In order to secure pdf files, I have uploaded the files to a folder outside of the web root, so they can't be downloaded directly.

Then create a .php page that is secured with file download server behaviors to download the files. This is something I could help with in a premier support ticket.

Sign in to reply to this post
Did this help? Tips are appreciated...

Justin@AdventDesign

If the folder for secure files is outside of the web root, can you upload files to those folders from an insert/update form? Not sure what the file path would look like outside the web root.

Sign in to reply to this post

Ray BorduinWebAssist

I usually use a folder one up from the web root and just use ../ to reference it. Yes you can upload files to that folder as well.

Sign in to reply to this post
Did this help? Tips are appreciated...

Justin@AdventDesign

"Then create a .php page that is secured with file download server behaviors to download the files." Just looking for clarification, so you're suggesting something more advanced needs to be done than just securing that PHP page in general with SecurityAssist? If the file is outside the web root so no one can view the folder directly and the PHP page that directs them to that file is secure, I'm not following what additional would need to be done.

Sign in to reply to this post

Ray BorduinWebAssist

If you have everything in a database, then you might not need to do anything additional.

But if you are listing the files in a folder, then you might need to write some php code to do it.

Sign in to reply to this post
Did this help? Tips are appreciated...

Justin@AdventDesign

So I've been experimenting with the idea but I'm having trouble with the idea of storing documents in the web root. The ../ in the public_html/ doesn't seem to get you to another folder in the web root.

https://www.touchtronics.com/test.html

This has the link <a href="../testsecure/success.html">Test it here</a> which, if we're storing the files in a folder called /testsecure/ in the root directory, you'd have to get to those files with a link to download like that. I've created that page in the root directory, but the ../ doesn't seem to get you to the root, you remain in the public_html/ directory.

Is this the right line of thinking and if so what am I missing?

Sign in to reply to this post

Ray BorduinWebAssist

Please attach a copy of the page you are working on. "../" should get you above the public_html directory. It sounds like you are doing it right.

Sign in to reply to this post
Did this help? Tips are appreciated...

Justin@AdventDesign

It's https://www.touchtronics.com/test.html you can view the source

Sign in to reply to this post

Ray BorduinWebAssist

I need to see the php code. The problem wouldn't be in the source. Please attach the file. I may even need FTP access to fully debug.

Sign in to reply to this post
Did this help? Tips are appreciated...
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...