Extension Configuration

All configuration is made in the "Extension Configuration" section of the "Settings" module beneath the "Admin Tools".

Extension Configuration

The extension configuration can be found in the admin tools.

Properties

Property

Tab

Type

createFileStorage

Parsing

boolean

securedDirs

Parsing

string

securedFiletypes

Parsing

string

linkPrefix

Link Generation

string

tokenPrefix

Link Generation

string

cachetimeadd

Link Generation

positive integer

documentRootPath

Link Generation

string

enableGroupCheck

Group Check

boolean

groupCheckDirs

Group Check

string

excludeGroups

Group Check

string

strictGroupCheck

Group Check

boolean

outputFunction

File Delivery

options

protectedPath

File Delivery

string

forcedownload

File Delivery

boolean

forcedownloadtype

File Delivery

string

allowPublicAccess

File Delivery

boolean

log

Module

boolean

skipCheckConfiguration

Backend

boolean

createFileStorage

Property

createFileStorage

Data type

boolean

Default

false

Description

If enabled, a secure downloads file storage is created and automatically added to your system. Also, an .htaccess file will be put into that directory. If you are using an nginx web server, you have to deny the access to this path manually. Please note, that this configuration will be set to true by default in upcoming versions.

securedDirs

Property

securedDirs

Data type

string

Default

typo3temp|fileadmin

Description

List of directories of your TYPO3 Server in that files should be secured, separated by pipe (|). Files in subdirectories will also be secured. You can use regular expressions for this option.

securedFiletypes

Property

securedFiletypes

Data type

string

Default

pdf|jpe?g|gif|png|odt|pptx?|docx?|xlsx?|zip|rar|tgz|tar|gz

Description

List of file types (file extensions) that should be protected. Multiple file extension patterns can be separated by a pipe (|). You can use an asterisk (*) if you want to protect all files within configured directories. You can use regular expressions for this option.

linkPrefix

Property

linkPrefix

Data type

string

Default

securedl

Description

Prefix for generated links (the "securedl" part in "https://example.com/securedl/sdl-[JWT]/image.png").

tokenPrefix

Property

linkPrefix

Data type

string

Default

sdl-

Description

Prefix for generated token (the "sdl-" part in "https://example.com/securedl/sdl-[JWT]/image.png").

cachetimeadd

Property

cachetimeadd

Data type

positive integer

Default

3600

Description

The secure link is only valid for a limited time, which is calculated from the cache time that is used for the page that carries the link plus this value (in seconds).

documentRootPath

Property

documentRootPath

Data type

string

Default

/

Description

Do only change this configuration option, if your TYPO3 instance is running in a subfolder or you are using a SSL reverse proxy to map TYPO3 into a virtual subfolder. This configuration must start and end with a slash (e.g. "/proxy-typo3/").

enableGroupCheck

Property

enableGroupCheck

Data type

boolean

Default

false

Description

Allows forwarding a secure download link to others, who can access that file if they have at least one front-end user group in common. Enabling this makes the checks less restrictive!

groupCheckDirs

Property

groupCheckDirs

Data type

string

Default

unset

Description

A list of directories for the less restrictive group check, separated by a pipe (|). Leave empty if you want to enable the group check for all directories. You can use regular expressions for this option.

excludeGroups

Property

excludeGroups

Data type

string

Default

-1,0

Description

A comma separated list of groups that are excluded from the group check feature (if enabled).

strictGroupCheck

Property

strictGroupCheck

Data type

boolean

Default

false

Description

If enabled, files are only delivered if the user groups exactly match those of the secured link.

outputFunction

Property

outputFunction

Data type

options

Default

stream

Description

Files are delivered as a file stream to the browser. For nginx web servers, there is the possibility to deliver the file directly from the server by setting this property to "x-accel-redirect".

protectedPath

Property

protectedPath

Data type

string

Default

unset

Description

Only applicable if you use x-accel-redirect (see: outputFunction). Specify the protected path used in your nginx location directive. A matching nginx location directive needs to be added.

Example

location /internal {
    internal;
    alias /path/to/your/protected/storage;
}

forcedownload

Property

forcedownload

Data type

boolean

Default

false

Description

If this is checked some file types are forced to be downloaded (see: forcedownloadtype) in contrast of being embedded in the browser window.

forcedownloadtype

Property

forcedownloadtype

Data type

string

Default

odt|pptx?|docx?|xlsx?|zip|rar|tgz|tar|gz

Description

A list of file types that should not be opened inline in a browser, separated by a pipe. Only used if "forcedownload" (see: forcedownload) is enabled. You can use an asterisk (*) if you want to force download for all file types. You can use regular expressions for this option.

allowPublicAccess

Property

allowPublicAccess

Data type

boolean

Default

true

Description

If this option is activated, valid links are generated for users who are not logged in. If this option is deactivated, unregistered users (user ID = 0) will not be able to access secured files.

log

Property

log

Data type

boolean

Default

false

Description

Each file access will be logged to database, this could be a performance issue, if you have a high traffic site. If you decide to turn it on, a backend module will be activated to see the traffic caused by user/ file

skipCheckConfiguration

Property

skipCheckConfiguration

Data type

boolean

Default

false

Description

Skip checking the secured files and directories in the extension's configuration module. The sections "Check Direct File Access" and "Checks directories matching the pattern" will not be rendered. This option may be useful if you have many or large secured directories.