Support

Hello,

Since I installed Admin Tools, I can't download PDF files into my Joomla articles (and my clients can't too).

When I click on the link to the PDF file, I got this 403 Forbidden message: 

• You don't have permission to access this resource.

Where can I remove this limitation (I can't find anything into .htaccess).

Maybe info Permissions Configuration? Something else als 705?

Any idea please?

Thank you :-)

I mean something else als 755? I tried 777 but nothing changed.

Another idea?

Admin Tools will only allow you to download files from the /images or /media folders, that's where Joomla! says they belong.

If you PDFs are stored in another folder, you need to add that folder to the field "Allow direct access, except .php files, to these directories" in .htaccess Maker, then re-generate your .htaccess file.  You add the folder name, without leading /, relative to the root of your site.  So if the PDFs are in a folder named download, you would simply add download to that field, on a line all by itself.

Hello Dale,

thanks a lot for your answer, this work :-)

This PDF are for privat users, mean they need a special access from Joomla. So I don't want to find these PDF into Google results.

My question is: is Google can fin them now (what I don't want)?

Google knows everything!

Actually, the .htaccess file that we use to protect the Output folder in Akeeba Backup should protect the folder that your PDF files are in.  Copy the following text and put it into an .htaccess file in that folder:

## This file was generated automatically by the Akeeba Backup Engine
##
## DO NOT REMOVE THIS FILE
##
## This file makes sure that your backup output directory is not directly accessible from the web if you are using
## the Apache, Lighttpd and Litespeed web server. This prevents unauthorized access to your backup archive files and
## backup log files. Removing this file could have security implications for your site.
##
## You are strongly advised to never delete or modify any of the files automatically created in this folder by the
## Akeeba Backup Engine, namely:
##
## * .htaccess
## * web.config
## * index.html
## * index.htm
## * index.php
##
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
<IfModule mod_authz_core.c>
<RequireAll>
Require all denied
</RequireAll>
</IfModule>

Yes, I know that they know... but I just don't want that the PDF files are visible into Google (& Co.) pages (this already happened on the past...).

Sorry, but I tried to add this .htaccess into PDF folder but it's not working. I've the same 403 message like at the begining.

Another idea?

We still need to add the PDF files folder in .htaccess Maker to allow access, per the instructions above.  That keeps the main .htaccess file from blocking access to the file.  Then put the custom .htaccess from above into the PDF folder itself to block it from web access.  Your own server should still be able to access the files with that custom .htaccess in the folder.

No, it's not working. I changed nothing on the main .htaccess and I had a .htaccess (with the text you propose) into the PDF folder, but the access is not possible. And when I remove the .htaccess from the PDF forlder, the access a possible again.

So do you think it come from my server?

Hiding the folder from Google is not something that Admin Tools can do so this ticket has moved beyond the scope of our support.

We're on the right track with those .htaccess commands that I posted.  We need to "deny from all" and it used to be that you had to "allow from localhost".  The second command is no longer in our .htaccess file but Akeeba Backup can still access the files in the protected folder.  Apache keeps changing the commands and syntax with the various versions of the server.  You can do a Google search for .htaccess access control and you'll find examples for various versions of Apache.  You need to match the commands to the version of Apache you're running - or emulating in case you're running an Apache clone.  I'm sorry but I can't be of any further help with this issue.

Ok, I understand.

Just a technical question.

What do you think about this code to add at the end of the .htaccess created by Admin Tools?

#Bloquer l'indexation des fichiers Word et PDF
<files ~ "\.(doc|docx|pdf)$">
Header set X-Robots-Tag "noindex, nofollow"
</Files>

Adding the code into .htaccess Maker would be the way to do it.  That way when you regenerate the code won't be lost.  But .htaccess is not my friend, I can't tell you if your code will work or not.

This is a great idea to includ that into .htaccess Maker!!! 

I'll add it into: Custom .htaccess rules -> Custom .htaccess rules at the bottom of the file

Thank you Dale to be there :-)

You're welcome!