Security Of Files In The ' .../phocadownload/ Folder
Posted: 06 Mar 2012, 20:08
Hello All,
This is my first post in the Phoca Forum, ...and I am a 'Newbie', ...for sure !
I have searched the Phoca Forum to better understand the relative level of security (protection of) file(s) that have been uploaded to the ../phocadownload/ folder on the server.
My level of understanding to date, .. concerning the access to those files by logging into the Joomla website (..and setting the appropriate permissions) for users, ...is clear and I understand how these features work.
What I am concerned about is a hacker gaining access to those files using a browser, and perhaps the hacker having some knowledge of the Joomla system directory structure, ...and ultimately, ...accessing those files without logging into the site.
I noticed the alias strings in the address bar of my browser when I go to different pages in my Joomla website. Are there ways that hackers can copy and used the alias text strings to break into my ../phocadownload/ folder and access my private files?
Should I be considering an alternative approach, ...or ...does the Phoca Download system already provide a reasonable level of protection for those files on the server?
Thanks for any feedback.
This is my first post in the Phoca Forum, ...and I am a 'Newbie', ...for sure !
I have searched the Phoca Forum to better understand the relative level of security (protection of) file(s) that have been uploaded to the ../phocadownload/ folder on the server.
My level of understanding to date, .. concerning the access to those files by logging into the Joomla website (..and setting the appropriate permissions) for users, ...is clear and I understand how these features work.
What I am concerned about is a hacker gaining access to those files using a browser, and perhaps the hacker having some knowledge of the Joomla system directory structure, ...and ultimately, ...accessing those files without logging into the site.
I noticed the alias strings in the address bar of my browser when I go to different pages in my Joomla website. Are there ways that hackers can copy and used the alias text strings to break into my ../phocadownload/ folder and access my private files?
Should I be considering an alternative approach, ...or ...does the Phoca Download system already provide a reasonable level of protection for those files on the server?
Thanks for any feedback.