Support

Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? Yes
Have I searched the tickets before posting? Yes, I can't find anything relating to my query.
Have I read the documentation before posting (which pages?)? Yes, but I'm a bit of a newbie and get confused easily.
Joomla! version: (2.5.8)
PHP version: (5.4.7)
MySQL version: (I don't know)
Host: (Woking on a local copy for now using xampp but will be hosted on dreamhost)
Admin Tools version: (2.4.4)

Description of my issue:

Please bare with me while I try and explain and forgive me if this is outside the scope of your support.

I have some data that I want to present in joomla that changes frequently.
These are price lists that I want to be able to control who has access to. (Not massively secret but I wish to have some level of protection.) I have experimented with a lot of ways of publishing this info but the easiest so far for me is the following procedure.
1. My accounting software generates html pages and supporting files to a folder
2. I upload this folder to images/spreadsheets/
3. Using a wrapper module and the load {loadposition module} plugin I can present the data in an article exactly as I want and with minimal effort.
4. To updadate this I simply upload the new files into the folder.

My problem is as follows:
Whilst the above procedure is perfect for me I have discovered that if someone has the direct address for the html file they can open it outside of joomla bypassing ACL. For example http://www.mysite.com/images/spreadsheets/pricelist.htm
I have read your documentation and learned that the images folder and sub directories is excepted from much of the security that the other joomla folders possess. So I tried placing my files in a subdirectory of administrstor. But then when I view the article in joomla the module loads with a 403 error. 

Simply put I want to protect my uploaded html files from direct linking and still allow joomla to call on and present them.

Is this possible and can you tell me please what I need to do?

I have spent quite a bit of time reading about .htaccess files and have only succeeded in confusing myself.

My thanks in advance for your assistance.

Ok I thought that this was something that could be done with a .htaccess rule.
At least I know to stop looking if it cant be done.

I may have confused the issue by mentioning ACL though. Really I just want joomla to be able to call the file while not allowing it to be public.

Ok, I accept it is not possible. Thank you.

I think I misled myself when I read various google results about mod rewrite rules preventing hotlinks.

I will look for an alternative solution.

 

What about a .htaccess rule that redirected all paths to a folder outside the site root?

 

This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.