
Danger: Everyone can access the hooks folder and images folder!!!

Posted: 2019-09-25 07:07
by fgazza
Hello everyone!
I believe that "appgini" has a big limit in relation to the management of security and privacy but I am sure that this can be overcome with some code. I'm not an expert so I need the help of the heroes of the forum!
Here is my question:
How can you prevent access to the "images" folder and the "hook" folder???
Regarding the "images" folder, the problem is that if a path is stored in the browser, those who do not have the privileges to view the attachments (images, files ...) can still download them, and this is a serious problem for compliance with the GDPR.
Regarding the Hooks folder, the problem in my case is that I created a CSV file (which updates itself with the names and surnames inserted in the "personal data" table) so as to make a multiple selection possible in another table, and this CSV file is accessible to anyone. This is also a serious problem for the law on personal data protection!

Thanks to those who can suggest a solution!

Hello!

Fabiano Gazza

Re: Danger: Everyone can access the hooks folder and images folder!!!

Posted: 2019-09-26 22:23
by AhmedBR
Hi Fabiano,

1. Just use Hotlink Protection in your hosting account.
2. Use this line in your .htaccess
Options -Indexes
3. Place an empty index.html file in the folder to prevent browsing your folder, just in case your .htaccess is overwritten or changed.

I use this personally and it works fine.

AhmedBR
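
An added example, not part of either post: `Options -Indexes` only turns off the directory listing, so a file whose URL is known (such as the CSV in the hooks folder) is still served, and the `.htaccess` below, placed in the hooks folder, also refuses direct requests for `.csv` files. It assumes Apache with `AllowOverride` permitting these directives, and that the CSV is read only by server-side PHP and never fetched by the browser.

```apache
# hooks/.htaccess (constructed example)

# Weak on its own: hides the folder listing, but any file
# requested by its exact URL is still delivered.
Options -Indexes

# Refuse direct HTTP requests for CSV files in this folder.
# PHP scripts on the server can still open them from disk,
# because filesystem reads do not pass through these rules.
<FilesMatch "\.csv$">
    # Apache 2.4 and later
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    # Apache 2.2
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>
```

After deploying it, requesting the CSV by its full URL from a logged-out browser should return 403 Forbidden instead of the file.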