We want to sell downloadable products but are concerned about the way cs-cart handles the files.
Normally, files are stored in a subfolder within the hierarchy of the site. For example: /images/companies/1
I know that cs-cart generates another link for users. Nevertheless, if people find out the location of files they could easily download them, especially if filenames can be guessed. For example:
/images/companies/1/Song1.mp3
/images/companies/1/Song2.mp3
/images/companies/1/Song3.mp3
If someone goes to www.example.com//images/companies/1/Song1.mp3 the file will download.
So, my question is, is there a way to prevent this? For example, some other systems allows you to store the files outside the web hierarchy, so they are impossible to access from the outside, and yet the shopping cart software is able to grab them. Can this be somehow achieved in cs-cart? If not, what is the best suggestion to prevent people from accessing files publicly?
We want to sell downloadable products but are concerned about the way cs-cart handles the files.
Normally, files are stored in a subfolder within the hierarchy of the site. For example: /images/companies/1
I know that cs-cart generates another link for users. Nevertheless, if people find out the location of files they could easily download them, especially if filenames can be guessed. For example:
If someone goes to www.example.com//images/companies/1/Song1.mp3 the file will download.
So, my question is, is there a way to prevent this? For example, some other systems allows you to store the files outside the web hierarchy, so they are impossible to access from the outside, and yet the shopping cart software is able to grab them. Can this be somehow achieved in cs-cart? If not, what is the best suggestion to prevent people from accessing files publicly?
Thank you very much and happy 2016! =)
Why did you decide that downloadable files are stored in images folder? They are actually stored in var/downloads protected by .htaccess file.