Uploaded content visible without login

  • Content–ie pdfs and photos–uploaded to restricted pages is appearing in search engines. How do I prevent this?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter caffryfrankel

    (@caffryfrankel)

    As an update, this is only happening on one page, and with two of seven PDFs posted on that page. I have other group restricted pages and they are fine. And they were all set up in exactly the same way. Unfortuately, it was sensitive information and I want to make sure that it doesn’t happen again. I

    Plugin Author Kento

    (@proaktion)

    Hi @caffryfrankel,

    The thing with files uploaded to the Media section – which I suppose is where you have them – is that although the attachment itself is protected, the files themselves are still accessible via their direct URL. It would be great if we could protect both the attachment and the media file itself but the solution to that is not as simple as it might seem (although there are plans to make it possible).

    Currently there are two solutions to that, one would be to use temporary links to the files and use Groups’ [groups_member] shortcode to surround what is used to render the temporary link – for example using Amazon S3 it could look like this (the example uses a shortcode from S3 Secure URL – I haven’t tested the plugin but it serves to explain the idea) :

    [groups_member group="Premium"]
[s3secureurl bucket='bucket-name' target='/path/to/file.ext' expires='5']Download Now[/s3secureurl]
[/groups_member]

    And the other solution would be to use Groups File Access (premium plugin) for files that need to be protected, including direct access to their URL. Please have a look at the Documentation for details.

    I hope that helps, any suggestions around this type of requirement are very welcome, I think there’s a lot of room for features, things that that can be improved and taken into account.

    Cheers

    Thread Starter caffryfrankel

    (@caffryfrankel)

    Thanks for your response. I have looked at your premium plugin–Groups File Access and want to make sure this will work for me before I purchase it.

    I need to upload PDFs and jpegs with sensitive information to pages that are protected with group access and ensure that only users within a specific group can access them. Will this plugin accomplish this? If so, will they have to reenter their username and password to access? Or once they login, can they move freely to the media? Our users are museum volunteers and I do not want this to be any more difficult for them than it already seems to be!

    Thanks

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Uploaded content visible without login’ is closed to new replies.