-
You should create some additional param which will use as second factor authentication, for example we're using in our extension UUID's.
You can also try to get IP of the device which is trying to get access to the entryPoint and check if this ip is allowed.Leave a comment:
-
Hi, I tried to protect the accessible folder by htaccess (deny from all, allow from domain), to permit access only from one domain. But it did not work. What would be the approach to make the folder accessible only from one domain?Leave a comment:
-
Public attachment extension for EspoCRM by devcrm.it
Hello guys,
I've created for one of user from this forum simple extension which basically create entryPoint and let users to get access to attachments without login.
Here you have repo: https://github.com/dubas-pro/ext-public-attachment
We have more advanced extension which GUI, additional module which let user only get access to specific files for specific amount of time and with additional strings for safety reasons, but it's not available for free.
Please be aware that this extension will give access to ALL files in formats which are mentioned here to users which are NOT logged in. So i recommend to NOT use this extension on production instance, without any additional safety mechanisms.Last edited by emillod; 12-08-2020, 05:11 AM.
Leave a comment: