direct access to the files

Permalink
Our web admin has added password protection to a specific URL which contains a link on the page to download an xlsx file . I am unsure on the exact configuration except to access the page you have to enter the credentials of a user account created in the CMS itself. However, I have tested, if someone found the direct link to the xlsx file in the files directory of the site, they can download it directly. Is there anyway to secure the file better. I assume the likelihood of someone guessing/brute forcing the URL to the file is very low, but who knows what hack tools are out there. It just undermines the need for the username/password to access the file if someone can just enter the URL directly to download the file.

 
pma111 replied on at Permalink Reply
anyone?
pma111 replied on at Permalink Reply
interested in feedback.
ConcreteOwl replied on at Permalink Reply
ConcreteOwl
Deleted