-
Notifications
You must be signed in to change notification settings - Fork 2
-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rename existing folders when using pagefile secure #1006
Comments
@jmartsch This is something that happens when any files/images field is accessed on the page. There's potential for there to be thousands or even millions of file directories on a site, so it's not something that can just be toggled and instantly change everything. It's potentially a major file system change that could take a lot of time if done at once. PW doesn't have any idea if a page is viewable until actually loading it and checking it. It's going to do that anytime you attempt to access a page, and it'll check that it's got the right type of directory anytime you attempt to access any kind of file on the page. So it will happen on its own naturally, but may take awhile. If you want, you can speed the process by letting a crawler loose on your site. Or if the quantity of pages in your site is small enough that it's practical to script it, you can try this, which will force it to check (and update) every file directory on your site:
|
Thanks for the quick reply @ryancramerdesign . The thing is, that I have no public facing website, as it is a admin only application. So there is no view of a page outside of the admin. Only ProcessPageEdit is used. I will try out the script you provided and report back how it went. |
Running the script in Tracy Debugger was fast, but without result. The folders are still not prefixed and files in it are accessible for users not logged in. |
It won't matter if it's an admin-only application. What matters is the access control settings of the pages being edited. Even if there's no front-end view, the pages you want to prevent file access to would still have to be access controlled. You can do this in Setup > Templates > template, enable access control and uncheck the "guest" checkbox for view permission. Do this for all of your templates that represent pages you want protected. Or, if they all descending from some common parent page (other than Home) then you could just access control the template that represents that common parent. |
Perfect. The guest setting was the missing link. That did it. |
Folders for my pages with images and/or files where created before I added the pagefileSecure option to site/config.php. Now after adding it, I want that my files are secured, but the folders in site/assets/files still exist without the pagefileSecurePrefix. Shouldn't these be renamed automatically if pagefileSecure is active?
It would be a tedious task to rename all the folders by hand.
Server Details
Server Settings
GD Settings
Module Details
The text was updated successfully, but these errors were encountered: