CMS Made Simple Forums

Content management as it is meant to be
https://forum.cmsmadesimple.org/

Security Right For Me?

https://forum.cmsmadesimple.org/viewtopic.php?t=13257

Page 1 of 1

Security Right For Me?

Posted: Thu Jul 05, 2007 11:25 am
by tommyc
We have currently a working cms using rainbow which requires users to log on to access files.  No one without a log on can access the system but we have encounted a problem with the security of the documents.  We have found that if the url of the files are copied into a browser you can access the files without being logged on.  Obviously this is a problem and we are currently looking for an alternative cms.  Can anyone please tell me if cmsms can allow us to do what we are currenly using but with better security. 
Thanks tom

Re: Security Right For Me?

Posted: Thu Jul 05, 2007 12:07 pm
by moorezilla
have a look at this module:

http://dev.cmsmadesimple.org/projects/securefile/

Re: Security Right For Me?

Posted: Fri Jul 06, 2007 10:36 am
by kermit
simple enough (for most folks and hosting environments anyway) to apply server-side http authentication to the (sub) directory storing the files to download. it's a little more work managing users/passwords that way compared to cmsms users; although there are scripts available elsewhere to help with that, too (also, some hosting control panels have a web-based method already available to manage "protected directories").

you could also put the files to download on an ftp server (non anonymous!) and manage the users/passwords for it instead.

if you have a dedicated it staff, they should be willing to help do this, or at least show you how, as they'd be (they'd better be ;)) just as interested in document security online as you are... if it's only local LAN folks who need to access the files, consider an intraweb instead of posting them to the world on the internet.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited