Secure download of assets. Makes it possible to secure FE use of assets/files by setting permissions to folders/files for fe_groups.

Installs: 229 544

Dependents: 2

Suggesters: 2

Security: 0

Stars: 35

Watchers: 12

Forks: 58

Open Issues: 34



This extension (fal_securedownload) aims to be a general solution to secure your assets.

When you storage is marked as non-public all links to files from that storage are replaced (also for processed files).

The access to assets can be set on folder/file bases by setting access to fe_groups in the file module.

How to use

  1. Download and install fal_securedownload
  2. Un-check the 'public' checkbox in your file storage
  3. Add a .htaccess file with "Deny from all" (Apache < 2.3) or "Require all denied" (Apache >= 2.3) in your file storage root folder or move your storage outside of your webroot
  4. Go to the file list and add access restrictions on file/folder


  • Restrict FE access on folder level
  • Restrict FE access on file level
  • Let editor set permissions in file list
  • Force download for all files (for protected file storages)
  • Force download for specific file extensions (for protected file storages)
  • Keep track of requested downloads (count downloads per user and file)


  • TYPO3 11 LTS


  • EXT:ke_search v4.3.1
  • EXT:solrfal v4.1.0