Argomenti

⌘K
  4. Argomenti
  6. Biglietti
  8. Biglietti in PDF
  10. Protezione delle cartelle dei biglietti PDF

Protezione delle cartelle dei biglietti PDF

FooEvents PDF tickets use an “unlisted link” model, similar to Google Drive’s “anyone with the link” sharing setting. Ticket file names are generated using an algorithm that produces obscure, non-sequential names, making them extremely difficult to guess, even if someone understands how FooEvents generates them.

Assuming directory listing is disabled on your server, which is standard practice, the folder cannot be browsed and files are only accessible if the exact file name is known. FooEvents also adds a blank index file to the biglietti in formato PDF folder as an extra precaution.

Advanced Folder Protection #

You can add an extra layer of protection to your PDF tickets folder by blocking direct web access to the directory where ticket PDFs are stored. The methods below outline different ways to do this, depending on your server configuration. These are advanced options intended for site owners who want to further reduce the risk of ticket links being shared and prefer tickets to be distributed through controlled channels, such as email delivery only.

Please note that when direct access to the PDF tickets folder is restricted:

  1. Customers will no longer be able to download PDF tickets from the My Account section. Make sure the FooEvents > Impostazioni > Biglietti PDF > Abilita il download dei biglietti in formato PDF option is disabled. If it remains enabled, FooEvents will add a Tickets page to the My Account section where users can attempt to download PDF tickets, but those links will no longer work once folder access is blocked.
  2. Administrators will no longer be able to download PDF tickets from the Biglietti screen in the WordPress admin area. If you want to view a PDF ticket, rather ‘resend’ the ticket to your email address and download the PDF from there.

Folder Protection Setting (Apache) #

This is a built-in option and can only be used on Apache servers, as it relies on an .htaccess file to restrict access to the PDF tickets folder.

I server Apache possono applicare le regole a livello di cartella utilizzando un'opzione .htaccess file. Inserendo un .htaccess all'interno della directory di archiviazione dei biglietti PDF, è possibile negare l'accesso diretto HTTP ai biglietti PDF archiviati. Qualsiasi URL diretto dei biglietti dovrebbe restituire 403 Vietato response, or sometimes a 404, depending on your host or security layer.

To enable folder protection and automatically add the necessary .htaccess file to your biglietti in formato PDF folder, please follow these steps:

  1. Log in to your WordPress website.
  2. Vai a FooEvents > Impostazioni > Biglietti PDF.
  3. Abilitare il Abilita la protezione della cartella dei biglietti PDF impostazione.
  4. Trovare un URL noto per i biglietti PDF (uno che è stato scaricato in precedenza con successo).
  5. Visitate il sito nel vostro browser.
  6. You should receive a 403 Vietato response, or a 404 depending on your host or security layer, instead of a download.

Protezione manuale (Apache) #

Se il PDF ticket folder protection setting does not take effect, try manually placing the .htaccess file in the PDF tickets folder.

Please follow these steps to manually add the .htaccess file to your biglietti in formato PDF folder:

  1. Collegatevi al vostro sito tramite FTP/SFTP o il file manager del vostro host.
  2. Andare a: wp-content/uploads/fooevents/pdftickets/
  3. Create a file named .htaccess.
  4. Aggiungete al file i seguenti contenuti:
# FooEvents Protezione della cartella dei biglietti PDF.

	Richiede tutti i negati



	Negato a tutti
  1. Salvare il file.
  2. Trovare un URL noto per i biglietti PDF (uno che è stato scaricato in precedenza con successo).
  3. Visitate il sito nel vostro browser.
  4. You should receive a 403 Vietato response, or a 404 depending on your host or security layer, instead of a download.

Notes / Gotchas #

  • Alcuni host bloccano o sovrascrivono .htaccess regole in wp-content/uploads/. If your rules do not apply, ask your host whether .htaccess files are allowed in uploads directories.
  • If your WordPress installation uses a custom uploads path, the folder location may be different.

Nginx (configurazione manuale) #

Similar to how the WooCommerce uploads folder can be protected on Nginx, if your site uses Nginx, you can add a rule to deny access to the PDF ticket folder in your server block. If you are not sure how to do this, ask your hosting company to assist you.

location ^~ /wp-content/uploads/fooevents/pdftickets/ {
	negare tutti;
}

If your WordPress installation uses a custom uploads path or is installed in a subdirectory, adjust the location path accordingly.

Once the deny-access rule has been added, verify that it is working by following these steps:

  1. Trovare un URL noto per i biglietti PDF (uno che è stato scaricato in precedenza con successo).
  2. Visitate il sito nel vostro browser.
  3. You should receive a 403 Vietato response, or a 404 depending on your host or security layer, instead of a download.

Come possiamo aiutarti?