Hidden Files enhances your site’s security posture by preventing direct file URL exposure. It offers a clean and manageable way to serve files dynamically within your templates, while retaining control over who can download them and when.
Feature | Details |
---|---|
Purpose | Secure controlled downloads of files associated with entries or Grid fields |
Template Tag | {exp:hidden_files:download_link} |
Notification Method | Email, with customizable recipients and alert criteria |
Output Variables | {hidden_files:url} , {hidden_files:title} |
Context Parameters | entry_id , field , field_id , col , row_id , file_id |
Grid Support | Yes - handles downloads from within Grid fields |
Hidden Files is an ExpressionEngine add-on that lets you securely serve files through the CMS without exposing their real file system URLs. It ensures that files—whether uploaded through a File field, used in Grid fields, or stored standalone—can only be downloaded via special protected links.
Normally, if someone knows or guesses the direct URL of a file, they can download it—even if they shouldn’t have access. Hidden Files solves this by forcing all downloads through ExpressionEngine’s permission checks, making sure only authorized users can access them.
Yes. Hidden Files supports Grid FieldType and Fluid FieldType, meaning files stored inside structured or flexible field layouts can still be protected and served securely.
Yes. By using the file_id parameter, you can create secure download links for standalone files not tied to an entry.
hidden_files:download_link
into a member-only download area or customizing it with button styling? Let me know—I’d be happy to assist!