Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Hide links on members pages from google search


Go to End


2 Posts   1294 Views

Avatar
grumpypanda

Community Member, 32 Posts

25 May 2013 at 2:43am

Edited: 28/05/2013 3:54am

Hi there,

I have a SS site which has members only pages. Everything worked fine until I put some pdf links (eg www.mysite/assets/Uploads/members/books/myfirstbook.pdf) on one of the members' pages (www.mysite.com/members/), then google search can actually pick those pdf files up and everyone can view those pdf files without being a member through google.

How can I block non members to view those pdf files? I tried robot.txt and "secure files" module, but it hasn't worked so far.

What is the best way to hide those pdf files in the asset folder from google search?

Any help would be appreciated :)

Avatar
Bambii7

Community Member, 254 Posts

28 May 2013 at 12:54pm

You could sign up for google web master tools to remove pages you dont want included. But that won't stop yahoo, bing, or any old blog linking to your files.

For full security you need to keep your downloadable goods outside of the public web folder (www or public_html) away from the SS installation.
This is getting complicated but in the CMS field you can specify the upload directory. Then for the download you should make a new Controller which will act as a proxy between the user and the file. This Controller will check permissions, download count, or any other parameters.
Basically if you don't do this anyone downloading the file can then get hold of the link and share it round the web, exposing it for everyone else.