Tips and Tricks HQ Support

Support site for Tips and Tricks HQ premium products

  • Home
  • Contact Us
  • Documentation
  • Forum Home
    • Forum
    • Forum Search
    • Forum Login
    • Forum Registration

Digital download folder

by

Tips and Tricks HQ Support Portal › Forums › WP eStore Forum › Digital download folder

  • This topic has 3 replies, 2 voices, and was last updated 14 years, 8 months ago by amin007.
Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • September 8, 2010 at 11:50 am #1802
    Anonymous
    Guest

    Hi

    i understand that when I upload an mp3 via the media library Media tab, the URL is:

    http://mywebsite.com/wp-content/uploads/image/etc.mp3 (the mp3 ends up in the media folder on my file directory).

    I know that the digital download that customers receive when they purchase is encrypted, but from what I’ve read, shouldn’t the ‘image’ folder where the mp3 gets uploaded to, have a .htaccess and .htpassword file within it?

    Thx

    September 9, 2010 at 1:31 am #24064
    Anonymous
    Guest

    Please I need a response as I can’t proceed with building my website.

    Thank you.

    September 9, 2010 at 1:48 am #24065
    Anonymous
    Guest

    It’s ok I’ve worked it out.

    When I copied the above URL and pasted it into a browser and changed the song title (to another song I had in my media folder), it found all my mp3s without issue. AllI had to do was change the name of the song within the URL and I was in!.

    I was able to download/steal my own mp3 easily to my desktop, so a hacker could easily do this.

    If a wordpress user knows that files or ebooks or mp3s will be stored in this media folder, and you crusie through a website, just noting the name of the download and changing the above URL to suit, you can gain access to someone files. It’s okay to have an encrypted download link, but the folder must be encrypted also.

    I put a .htaccess and .htpassword file in the media folder, then typed the URL into a browser and it asked for my username and password – now the folder is protected!

    This may come as a warning to all wordpress users.

    September 9, 2010 at 2:19 am #24066
    amin007
    Participant

    If probably haven’t read this thread that explains this in details:

    https://support.tipsandtricks-hq.com/forums/topic/download-directory-protection

  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.
Log In

Forum Related

  • Forum Home
  • Forum Search
  • Forum Registration
  • Forum Login

Support Related Forms

  • Contact Us
  • Customer Support
  • Request a Plugin Update
  • Request Fresh Download Links

Useful Links

  • Plugin Upgrade Instructions
  • WP eStore Documentation
  • WP eMember Documentation
  • WP Affiliate Platform Documentation
  • Tips and Tricks HQ Home Page
  • Our Projects

Quick Setup Video Tutorials

  • WP eStore Video Tutorial
  • WP eMember Video Tutorial
  • WP Affiliate Platform Video Tutorial
  • Lightbox Ultimate Video Tutorial

Our Other Plugins

  • WP Express Checkout
  • Stripe Payments Plugin
  • Simple Shopping Cart Plugin
  • Simple Download Monitor

Copyright © 2025 | Tips and Tricks HQ