Gravity Support Forums Topic: Securing file uploads?

Gravity Support Forums Topic: Securing file uploads? https://legacy.forums.gravityhelp.com/topic/securing-file-uploads Gravity Support Forums Topic: Securing file uploads? en-US Sat, 04 Apr 2026 19:15:32 +0000 http://bbpress.org/?v=1.0.1 <![CDATA[Search]]> q https://legacy.forums.gravityhelp.com/search.php Jukka Karvonen on "Securing file uploads?" https://legacy.forums.gravityhelp.com/topic/securing-file-uploads#post-26471 Fri, 27 May 2011 12:51:05 +0000 Jukka Karvonen 26471@https://legacy.forums.gravityhelp.com/ Good to know that you have plans for it. Some kind of download manager would allow direct access to be denied with htaccess. Now I just made it little more difficult to access uploaded files by checking login cookie if trying to load them. RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$ RewriteRule ^(.*)files/gravity_forms(.*)$ <a href="http://my.site/" rel="nofollow">http://my.site/</a> [NC,R,L] Carl Hancock on "Securing file uploads?" https://legacy.forums.gravityhelp.com/topic/securing-file-uploads#post-26464 Fri, 27 May 2011 11:41:54 +0000 Carl Hancock 26464@https://legacy.forums.gravityhelp.com/ There is not currently a way to restrict attachment file downloading. However, the links to these can only be accessed via the entry detail. The URL's to the files are unlikely to be guessed due to the file folder structure. In the future we would like to add more security, however that will require .htaccess modifications in order to implement. Jukka Karvonen on "Securing file uploads?" https://legacy.forums.gravityhelp.com/topic/securing-file-uploads#post-26440 Fri, 27 May 2011 01:46:42 +0000 Jukka Karvonen 26440@https://legacy.forums.gravityhelp.com/ I would also like to know if there is any way to restrict attachment file downloading to administrators and editors only. frankp on "Securing file uploads?" https://legacy.forums.gravityhelp.com/topic/securing-file-uploads#post-16180 Thu, 13 Jan 2011 18:44:08 +0000 frankp 16180@https://legacy.forums.gravityhelp.com/ Curently when someone uploads an attachment with a form it goes into the uploads folder and is browseable if someone knew the filename. While I know this is unlikely, is there a way to make file uploads more secure for peace of mind? Thanks!