I recently changed one of my .htaccess files from \"Order deny,allow
Deny from all\” to \"Order deny,allow
Allow from all\”
This was inside the media/downloadable folder.
I had to do this as it was mentioned in the another thread http://www.magentocommerce.com/boards/viewthread/31702/ as being the main reason i couldn\’t download files when putting in a custom url into the fieldname instead of uploading the download itself within the admin interface (which did work).
When I use the upload file method within magento it works perfect and i canât access the file by putting in the file location manually into my browser.
However when I link to the file that I have ftpâd up, and since the âallow from allâ has been setup, i can access the file straight away by putting in its location on the serverâ¦
I know it encrypts a special url when a customer downloads, Iâm just a bit scared in case some hacker gets to the files which are actually quite easy to get.
Should I be worried about this?