Hello!
I have a serious security issue. Suppose my site URL is http://www.abc.com
Now I have a secure admin panel folder xyz in it and ant this folder contains a subfolder where I storing the uploaded .pdf files and only after providing a valid username & password one can download these pdfs.
But if user types the direct URL in browser http://www.abc.com/xyz/pdfFolder/filename.pdf
Then he easily access that pdf without any authentication.
Please help me. I had searched a lot on it but don’t find any solution.
Everywhere I found .htaccess file as a solution but if I do that then I wont b able to download that file even after authentication, it says a corrupted pdf file.
Its Really very urgent!
Thanks for any help