We're making some ICTFax tests for some days now, and we noticed that the inbox directory (http://XXX.XXX.XXX.XXX/ictfax/sites/def ... nbox/7.pdf), containing all the pdf and tiff files is easily accessible from any web browser, without having to authenticate (admitting that the browser's public IP is allowed in server's firewall)
So, my question is : is there a way to protect this access, not only with an .htaccess file, but to make file only accessible from the inbox fax webpage, and only for the user whose have received or sent the fax ?
If someone have an idea.... ?!