Set Upload Secure Folder

  • Posts: 29
  • Thank you received: 1
12 years 1 month ago #68526

Greetings. In your support documentation for product files it says the following:

"The files you upload here will be saved in the upload secure folder of HikaShop. You can change its location in the configuration page of HikaShop under the Files tab. It is highly recommended that you set this folder outside the website directory. When you do so, the files won't be moved by HikaShop and if you already uploaded some files, you will have to move them manually from the old folder to the new one."

I have no idea what those last 2 sentences are saying. On the configuration/file page there are 2 fields that seem to be relevant.
One is Upload Secure Folder which has "media/com_hikashop/upload/safe/" entered in the field.
The other is Upload Folder which has "media/com_hikashop/upload/" entered in the field.

Can you please be specific in what is meant by "set this folder outside the website directory" and how to do it? I haven't uploaded any files yet, and want to make sure they're uploaded into the right place without having to be moved later...Thank you!

Last edit: 12 years 1 month ago by raggatt.

Please Log in or Create an account to join the conversation.

  • Posts: 82726
  • Thank you received: 13342
  • MODERATOR
12 years 1 month ago #68567

You don't need to do anything.

If you want, you can put your files in a folder outside of your website folder. For example, if your website is in C:\wamp\www\mywebsite you can change the upload secure folder to C:\wamp\www\myfiles and then the files will be uploaded in that folder instead of C:\wamp\www\mywebsite\media\com_hikashop\upload\

Please Log in or Create an account to join the conversation.

  • Posts: 29
  • Thank you received: 1
12 years 1 month ago #68580

Thank you for this response. But, just to be sure, are you saying it's okay to leave everything "as is" and default, and to ignore the recommendation to "set this folder outside the website directory"? Sorry, I'm just still a little confused why the high recommendation is in the help doc then, and why it's there. Thanks again for your reply and help.

Please Log in or Create an account to join the conversation.

  • Posts: 82726
  • Thank you received: 13342
  • MODERATOR
12 years 1 month ago #68683

It's not as critical as the documentation make it sound.
The default setting is ok. Changing it to an outside folder would give greater security to your files, but they are already secured anyway. It's just to add another layer of security. But that adds a bit of complexity as you need to specify a writable folder's full path outside of your website folder. If you don't know what that means, then you can leave it as is.

Please Log in or Create an account to join the conversation.

  • Posts: 29
  • Thank you received: 1
12 years 1 month ago #68684

Ah, thank you so much nicolas for your fast and very helpful replies!!

Please Log in or Create an account to join the conversation.

  • Posts: 147
  • Thank you received: 6
9 years 9 months ago #186687

Hi,
I am looking for some clarification on the "Secure uploader folder" subject.
In my case I don't sell downloads, the files I have are just specification sheets and product brochures. It doesn't require payment or registration to download it.

Could I in this case change the secure folder path in the configuration to point to the images/specs-and-brochures for example?
Or will it cause me any security problem?

Is it right to say that the "secure folder" and the recommendation to move it outside the public_html is just to avoid unauthorized downloads?

Thanks

Please Log in or Create an account to join the conversation.

  • Posts: 26151
  • Thank you received: 4027
  • MODERATOR
9 years 9 months ago #186698

Hi,

If you are sure that you will only use public (free) files, you can change the secure folder path.
But you can also use the "path" mode while adding a product file (instead of upload) and specify the location of the file in your Joomla. So the secure folder will stay secure and your public files will be in a public folder.

Regards,

Jerome - Obsidev.com
HikaMarket & HikaSerial developer / HikaShop core dev team.

Also helping the HikaShop support team when having some time or couldn't sleep.
By the way, do not send me private message, use the "contact us" form instead.

Please Log in or Create an account to join the conversation.

Time to create page: 0.099 seconds
Powered by Kunena Forum