Reputation: 21
PHP Laravel : How to restrict direct access to files in laravel ( http://localhost/projectname/public/uploads/sample.pdf)
Since I am new to Laravel, I am facing some issues in file system and security concerns, my question is..
How to restrict direct access to files in laravel ( http://localhost/projectname/public/uploads/sample.pdf)
I don't want the user to show (get the access) of folder where the files are being save. Problem is if he show the folder he will try to access other files via. directly opening the document path, which is not secure as per privacy point. Just want to prevent any unauthorized access to the file...!
Any valuable feedback will he highly appreciated.
Upvotes: 1
Views: 3386
Answers (1)
Reputation: 35357
Store it in your storage directory, not your public directory.
Then provide a link that uses a file download response: http://laravel.com/docs/5.6/responses#file-downloads, in which you can verify authorization.
Never allow access outside your public directory.
Upvotes: 3
Related Questions
- Laravel: How to prevent users loading files from outside the base path
- How to control access to files at another server in Laravel
- Stopping direct file access using URL
- How to make a public directory restricted in laravel?
- Laravel: Prevent direct access of files from public folder
- restrict access on public folder in laravel 4.2
- Laravel 4.2 filter access to uploaded files
- Laravel 4: prevent access to any file or folder except public
- laravel prevent unauthenticated users from viewing the files