Introduction
Sometimes you only want to make certain files available to registered users on the website. To do this, you can enable pages or content elements for registered users only.
However, files can still be downloaded by anyone as long as the direct link to these files is known. This is because files are usually stored somewhere below the fileadmin directory and could be accessed via a link such as
domain.de/fileadmin/user_upload/my_pdf.pdf
can be loaded directly.
With the extension fal_securedownload you can protect files even better, as a separate file storage is used here, which can also be located outside the so-called document root, i.e. outside the TYPO3 project. The links to these files are then not displayed in plain text, but are downloaded via the extension.
In addition, directories can also only be released for certain frontend user groups, so that you have double security here.
The following video and text instructions show how to set up this extension.
Prerequisite: Frontend user groups and users should already be set up, as well as the possibility of a frontend login.
Set up new file storage
The next step is to create a new file storage. In this example, we will create a directory outside of the so-called document root, i.e. outside of our TYPO3 project directory.
This has the advantage that this directory cannot be accessed via a web browser.
Log in to the shell with your SSH access data and create a directory for the protected files. As an example, we create a directory called secure in the typo3cms/ directory with the command
mkdir secure
Read out absolute server path
For the next step, you need the absolute path to the secure directory on the server.
So switch back to the shell and go to the secure directory with the command
cd secure
You can display the server path with the command
pwd
Paste the output of this command into your clipboard (select with the mouse, then use the key combination ctrl+c (Windows, Linux) or cmd+c (Mac)).
Configure file storage
Now switch back to the backend to the settings of the new file storage.
In the General tab, enter a title of your choice, for example Secure.
In the Configuration tab, enter the absolute server path that you read out in the previous step in the Path to base input field (key combination ctrl+v (Windows, Linux) or cmd+v (Mac)). Add a slash at the end of the path!
Select "absolute" for the path type
In the Access tab, deactivate the checkbox for "Is publicly available?"
Then click on Save.
Now check whether the "Is online?" checkbox is active in the Access area!
If you now switch to the file list module, you should already see the new file storage. If only a TYPO3 error message appears now, check again whether the checkbox for "Is online?" is active.
In the file list module, you can now create folders and upload files within the new file store as usual.
In this example, we will create a folder called test1 and upload a few files of our choice to the folder for testing.
Set directory permissions
You can now assign user groups to the previously created folder.
To do this, left-click on the folder icon and select Folder permissions in the context menu.
In the mask that now opens, you will see all available user groups in the right-hand area. You can assign one or more groups to the folder by clicking on them.
Alternatively, you can also select "Show when logged in", in which case users will see the contents of the folder regardless of which specific group they belong to.
Links to protected files in content elements
If someone now wants to call up the file in the frontend without being logged in as a frontend user, they will only receive an error message.
The extension documentation also describes how a redirection to any page can be implemented instead of the error message.
This page contains automatically translated content.