Security Checks

You can simply add your own security check or override existing ones and change their priorities. Your check has to extend the AbstractCheck class.

Register Security Check

You can add following method call to your ext_localconf.php file:


Instead of tx_securedownloads_group you can use your own unique identifier. The second argument of that method contains the class of your check. The third one mirrors the priority of your check and you can override existing checks when you set the fourth argument of that method to true.


An example of how to register your own security check can be found in the example extension. This example check allows only a single access to a file. On the second call, the link is identified as invalid and the server returns a 403 status code.

Register the Check



The Security Check


class OneTimeCheck extends AbstractCheck
     * @var RsaToken
    protected $token;

    public function hasAccess(): bool
        $claimRepository = new ClaimRepository();

        if (!$claimRepository->isClaimed($this->token)) {

            return true;

        return false;