Hi team,

I have a question about securing file uploads.

A car rental project is receiving image/PDF uploads of drivers’ licenses and registration details into file fields. (Files added at rental post creation by the vendor, and potentially some files uploaded into profiles).

Can you suggest a method of securing access only to the admin through the backend?

Ideally, as a feature request, the file fields could have a toggle switch on the admin settings that changes the saving folder to a protected_uploads folder (with .htaccess restrictions).

Thank you.