Protect file name

  • Resolved nd00jan

    (@nd00jan)


    4 years, 10 months ago

    So with EDD the folders are protected, but I noticed that if a person figure out the complete URL that also include the file name, then they can acess the file.

    So how do I protect the actual file? Should I name the file with a name much like a password, for example: “Ax6XRmA23lqS.xlsx”.

    Then they would have a hard time figure it out.

    As for now the file names have same name as the product name that can be viewed on my website.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Contributor Pippin Williamson

    (@mordauk)

    The file download URLs in EDD cannot be guessed as they are tokenized to ensure security and uniqueness.

    When files are uploaded to a product in EDD, those files are placed inside of a special folder at wp-content/uploads/edd/ that is protected from direct access, so even if a person were to guess the exact path to the file on the server, they would not be permitted to access it.

    In order for EDD to protect the files from direct access, it is necessary that the files reside in wp-content/uploads/edd. If they are placed anywhere else, EDD cannot protect the files.

    Note, in some cases EDD is not able to automatically protect the files inside the /edd/ folder and a manual configuration file needs to be placed on the server. Please see our doc here: https://docs.easydigitaldownloads.com/article/194-are-download-files-protected

    Because there have not been any recent updates to this topic we’ll be changing the status to resolved. If you have any further questions you can start a new thread, or head over to our support page to submit your request if it is related to one of our available add-ons.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Protect file name’ is closed to new replies.