- This topic has 8 replies, 2 voices, and was last updated 9 years ago by
.
-
Posts
-
I’ve got my simple membership set up, and everything is working great. However, I thought that the plugin would prevent others from seeing files that I link on pages that are protected, and it appears it does not. For instance, I have the finances of my association, which need to be protected on a page, lets call it website.com/finances. Now, you have to be logged in to see the content of website.com/finances, which is a page that has a PDF file displayed in the content area via a content viewer. If a user is not logged in, the PDF viewer will not display and it reads “you must be logged in…” which is perfect.
However, here is my problem.
If a person was to find the file location of the finances that I have displayed in my PDF view on the protected page, say website.com/wp-uploads/finances.pdf, then they could see the financial PDF document even if they aren’t logged in. Also, if someone finds my media folder, which im sure is in a general location under a generic title since its a wordpress site, then they have access to ALL of my media files.
Does simple membership have a way to protect my documents in this manner? Is there an add on plug in that I need to download, or is this another problem entirely that needs to be addressed with a different plugin?
Thank you to anyone who is able to or tries to help out,
BruceHi, no this plugin does not protect your media files. You will have to use a different plugin to protect your media files. There is a security plugin All In One….. that can help you further. If you install this plugin make sure you enable the following feature under WP Security -> Firewall -> Prevent Hotlinks.
Regards
So I downloaded the recommended plugin, but the hotlinking option, nor any of the other options I could find, solved my issue. Were you suggesting the all in one because it has the ability to solve my dilemma or just because its a good security program?
Hi, I always recommend All In One….security plugin to all my clients and people in the forum. The answer to your question is for both options. It does protect media files and it is a great security plugin. I use this plugin in all my projects including my own websites and blogs. And I also support this plugin in the forum 😉
Kind regards
Thanks for all the help, for the life of me I can’t protect the directory or files with the program.. id switch over to the other forum… but I already got you here! I’ve look through the documentation and have been working at it for a couple of hours. I’m about to pull out my hair. Can you point to some instructions or give me a walkthrough??
Thanks again for your help!
Hi, in regards to the following comment.
for the life of me I can’t protect the directory or files with the program.
What are you actually trying to do? Please provide more information.
Thank you
So, here is a protected, members only page on my web site:
http://thempa.org/mpa-meetings/meeting-agendas/august-2016-meeting-agenda
Now, of course, you can’t see the content because you’re not a member of my site and not logged in. On that page, I have a pdf document “http://thempa.org/wp-content/uploads/2016/09/August-Meeting-Agenda.pdf” embedded. I have selected the page to be protected via the simple membership plugin, as well as the pdf file its self to be protected cia the simple membership plugin.
He problem is that if you enter “http://thempa.org/wp-content/uploads/2016/09/August-Meeting-Agenda.pdf” into your address bar, you will be able to see that pdf document. I need that document and several others inaccessible via direct entry of the url. I also don’t want people to be able to look at my directory, for example, “http://thempa.org/wp-content/uploads/2016/09/” and see all of my uploaded content since a lot of that is members only, private data.
I need a “forbidden” page to pop up if you try to access a protected document while not logged in.
I hope that made sense.
Thank you again for your continued assistance!
EDIT: I see that the directory is giving a “forbidden” page when you try and look at it now, so that self corrected somehow. So now I just need that individual file to be protected in the same manner!
Okay now I fully understand what you are saying and trying to do. Then in this case the security plugin I suggested above will not protect the pdf file but I still recommend the security plugin.
If the pdf file is embedded then I am not sure how you are going to protect the embedded code. If the pdf file is a downloadable file then you could protect that file with a plugin like Simple Download Monitor. If you truly want more protection with your pdf files then I suggest the following plugin Pdf Stamper plugin.
Let me know if the above helps you further.
Regards
Honestly, now that the directory is returning a 403 permission error, I’m not so concerned about the file not being “protected”. When the directory was accessible, people could just rummage through my files and find what they wanted via the directory. Now that the error displays, someone would have to be a fantastic guesser or run across the url another way (which can obviously happen). However, nothing that I’m going to be protecting is top secret or anything, so the 403 error will suffice I think.
Again, thank you so much!!
- You must be logged in to reply to this topic.