Hi,
I use Upload Zip to upload course materials to the units. It works but there is one thing that bothers me a lot.
I do not know what is wrong, but the uploaded file's link can be found in page source (as in the iframe tag). When I copy that link to browser, no matter I log in or not, I can see all the files, and the url below will show everyone all the content I ever uploaded.
http://mysite/wp-content/uploads/package_uploads/
How can I fix this? This is really bad for me to sell my courses...
Well that option is to upload the articulate or adobe captivate projects to embed them using the iframes in units .
Please refer this tip fot the unit attachments :
https://wplms.io/support/knowledge-base/enabling-and-adding-unit-attachments/
Hi Alex,
Thanks for the reply.
I did upload the content using "upload ZIP" button and put them in an iframe. It works well to be seen in the unit.
The problem is the uploaded file is unzip to the /wp-content/uploads directory. If anyone knows the url to this directory (which is easy by looking up the page source and the iframe), he will be able to enter that url to a browser and access anything I have uploaded.
Is there any way to block ppl from directly access the uploads directory?
The main limitation is that any public content needs to be public on the internet. There are ways to protect this but none of these are fool proof.
An easy way to protect your files could be via setting .htaccess rules.
example