Hello,
I want to create an intranet in CMS Contao but I will post videos and sensitive information.
As I can prevent access to files on a public?
Protect files
Hello,
I want to create an intranet in CMS Contao but I will post videos and sensitive information.
As I can prevent access to files on a public?
Contao is the best CMS there is. Support your community in Spanish
http://www.contaoespanol.com
I do not speak English but I try to help with a translator
Re: Protect files
If I understand correctly the files should be visible on your website, but not to be accessed directly? Would preventing hotlinking help in such case? I'm not entirely sure how that works if you want to allow downloading a specific file, I suppose that gets blocked...
From: http://altlab.com/htaccess_tutorial.htmlHow Do I Stop Hotlinking and Bandwidth Theft?
You can stop others from hotlinking your site's files by placing a file called .htaccess in your Apache site root (main) directory. The period before the name means the file is hidden, so you may want to edit your file as htaccess.txt, upload it to your server, then rename the txt file to .htaccess in your directory. Contact your web host on how to access your directories and configure your .htaccess file.
Example: Your site url is www.mysite.com. To stop hotlinking of your images from other sites and display a replacement image called qX4w7.gif from an image host, place this code in your .htaccess file:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://i.imgur.com/qX4w7.gif [L]
The first line of the above code begins the rewrite. The second line matches any requests from your own mysite.com url. The [NC] code means "No Case", meaning match the url regardless of being in upper or lower case letters. The third line means allow empty referrals. The last line matches any files ending with the extension jpeg, jpg, gif, bmp, or png. This is then replaced by the qX4w7.gif image from the imgur.com server. You could easily use your own hotlink image by placing an image file in your site's directory and pointing to that file instead.
To stop hotlinking from specific outside domains only, such as myspace.com, blogspot.com and livejournal.com, but allow any other web site to hotlink images:
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?myspace\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?blogspot\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?livejournal\.com/ [NC]
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://i.imgur.com/qX4w7.gif [L]
You can add as many different domains as needed. Each RewriteCond line should end with the [NC,OR] code. NC means to ignore upper and lower case. OR means "Or Next", as in, match this domain or the next line that follows. The last domain listed omits the OR code since you want to stop matching domains after the last RewriteCond line.
You can display a 403 Forbidden error code instead of an image. Replace the last line of the previous examples with this line:
RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F]
Warning: Do not use .htaccess to redirect image hotlinks to another HTML page or server that isn't your own (such as this html page). Hotlinked images can only be replaced by other images, not with an HTML page.
As with any htaccess rewrites, you may block some legitimate traffic (such as users behind proxies or firewalls) using these techniques.
Re: Protect files
Hi, thanks for your response and help.
I want to show videos and information only to members of my website.
I want to keep the video files and images can be viewed publicly without being a member.
Contao is the best CMS there is. Support your community in Spanish
http://www.contaoespanol.com
I do not speak English but I try to help with a translator
Re: Protect files
I'm probably misunderstanding, because you want to protect your files from being accessed publicly, but I have to be able to access the files without being a member... To me those two statements are in conflict; you can't protect files from being accessed AND allowing them to be accessed to unknown people at the same time.
What you CAN do is create several directories and protect one directory with the sensitive information and not protect the other with public information.
Perhaps you can try and describe the situation?
Re: Protect files
My English is very bad, sorry :-(
I need to create an intranet where all the contents are private.
As I can lock files and videos from the browser?
example:
http://midominio.com/tl_files/theme/videos/video.mp4
???
Thanks
Contao is the best CMS there is. Support your community in Spanish
http://www.contaoespanol.com
I do not speak English but I try to help with a translator
Re: Protect files
Clicking the grey padlock icon in the File Manager will protect all files in that folder (it will turn yellow when the folder is protected). It does this by writing an .htaccess into that folder for you.
Re: Protect files
Hi ramjet,
Very thanks
Did not know this functionality. Just what I needed :-)
Contao is the best CMS there is. Support your community in Spanish
http://www.contaoespanol.com
I do not speak English but I try to help with a translator
Re: Protect files
:D ,
The trouble is, as Ruud points out, this will also prevent the files from being accessed by you, or members, or the Contao filetree etc. They are now protected from EVERYONE via a browser.
Re: Protect files
That's why I did not point out the lock in Contao file manager, it adds an .htacces with order deny,allow deny from all. I hadn't thought that to be very helpful, the only one able to access the files would be the server itself.
Posting Permissions
Reply With Quote
Bookmarks