For Administrators¶
This chapter describes how to install and how to configure this extension within the settings module of your TYPO3 instance.
Important
This extension cannot secure links to files that you include in CSS, PDF, ... files.
Installation¶
There are several ways to require and install this extension. We recommend getting this extension via composer.
Via Composer¶
If your TYPO3 instance is running in composer mode, you can simply require the extension by running:
composer req leuchtfeuer/secure-downloads:>=5.0
Via Extension Manager¶
Open the extension manager module of your TYPO3 instance and select "Get Extensions" in the select menu above the upload button.
There you can search for secure_downlaods
and simply install the extension. Please make sure you are using the latest version
of the extension by updating the extension list before installing the Secure Downloads extension.
Via ZIP File¶
You need to download the Secure Downloads extension from the
TYPO3 Extension Repository and upload the ZIP file to the extension
manager of your TYPO3 instance and activate the extension afterwards.
You can also download an archive from GitHub and put
its content directly into the typo3conf/ext
directory of your TYPO3 instance. But please keep in mind, that the name of the
folder must be secure_downloads
(the repository name will be default).
Best Practices¶
You can configure this extension to fit your specific needs. However, here are some "best practices" that may help you when first using Secure Downloads:
Install this extension as described above
Enable the create file storage option
Put your files into that storage
If you need to secure files outside of that directory, you still can adapt the securedDirs and securedFiletypes options.
Access Configuration¶
You need to secure all the directories and file types by your server configuration. This can be done with .htaccess
files.
You find some example .htaccess
files below and in the
Resources/Private/Examples
directory of this extension.
Example Configuration¶
Please make sure to adapt the file match pattern as configured in securedFiletypes.
.htaccess deny
# Apache 2.4
<IfModule mod_authz_core.c>
<FilesMatch "\.([pP][dD][fF]|[jJ][pP][eE]?[gG]|[gG][iI][fF]|[pP][nN][gG]|[oO][dD][tT]|[pP][pP][tT][xX]?|[dD][oO][cC][xX]?|[xX][lL][sS][xX]?|[zZ][iI][pP]|[rR][aA][rR]|[tT][gG][zZ]|[tT][aA][rR]|[gG][zZ])$">
Require all denied
</FilesMatch>
</IfModule>
# Apache 2.2
<IfModule !mod_authz_core.c>
<FilesMatch "\.([pP][dD][fF]|[jJ][pP][eE]?[gG]|[gG][iI][fF]|[pP][nN][gG]|[oO][dD][tT]|[pP][pP][tT][xX]?|[dD][oO][cC][xX]?|[xX][lL][sS][xX]?|[zZ][iI][pP]|[rR][aA][rR]|[tT][gG][zZ]|[tT][aA][rR]|[gG][zZ])$">
Order Allow,Deny
Deny from all
</FilesMatch>
</IfModule>
.htaccess allow
# Apache 2.4
<IfModule mod_authz_core.c>
<FilesMatch "\.([pP][dD][fF]|[jJ][pP][eE]?[gG]|[gG][iI][fF]|[pP][nN][gG]|[oO][dD][tT]|[pP][pP][tT][xX]?|[dD][oO][cC][xX]?|[xX][lL][sS][xX]?|[zZ][iI][pP]|[rR][aA][rR]|[tT][gG][zZ]|[tT][aA][rR]|[gG][zZ])$">
Require all granted
</FilesMatch>
</IfModule>
# Apache 2.2
<IfModule !mod_authz_core.c>
<FilesMatch "\.([pP][dD][fF]|[jJ][pP][eE]?[gG]|[gG][iI][fF]|[pP][nN][gG]|[oO][dD][tT]|[pP][pP][tT][xX]?|[dD][oO][cC][xX]?|[xX][lL][sS][xX]?|[zZ][iI][pP]|[rR][aA][rR]|[tT][gG][zZ]|[tT][aA][rR]|[gG][zZ])$">
Order Deny,Allow
Allow from all
</FilesMatch>
</IfModule>