How to secure ['file_storage_path']

Get help from the community here.

Moderator: Developers

Posts: 24
Joined: Thu Jan 21, 2010 10:45 pm

How to secure ['file_storage_path']

Postby darius1302 » Tue Mar 16, 2010 5:26 am


i installed GO on an webspace. So the ['file_storage_path'] is also in the webroot.

i access GO with
but i also can access it with also the storage folder

How to secure the ['file_storage_path'] folder ?
Posts: 50
Joined: Mon Sep 14, 2009 11:38 am
Location: France

Re: How to secure ['file_storage_path']

Postby ael » Tue Mar 16, 2010 7:31 am


If you don't have any access to the filesystem directly I think your best bet is to use a custom .htaccess file.

Something along the lines of :

Code: Select all

Options All -Indexes

 order deny,allow
 deny from all
Group-Office Expert
Group-Office Expert
Posts: 546
Joined: Tue Jul 14, 2009 2:25 pm
Location: Norway

Re: How to secure ['file_storage_path']

Postby rosetta » Tue Mar 16, 2010 8:45 am

I think it is very risky to have the file storage in the web root.

I have seen hosting companies where users can view the www directories of all other users when they are logged in via SSH / shell access :(

.htaccess will not protect in those cases.

Are you sure that you can not create a folder along side your www dir ?

Who is online

Users browsing this forum: No registered users and 8 guests