Allow permanent deletion of PDFs and Images so they cannot still be accessed at their original URL after deletion

Currently when deleting a file from the asset manager it isn't actually deleted, and remains accessible at the old URL to allow webflow to include it in site backups. There are multiple reasons this is concerning from a security perspective:

  • Outdated customer pricing charts and information being accessible and indexed by google
  • Old versions of corporate contracts remaining publicly accessible and bot searchable
  • Cases where the wrong file was uploaded accidentally and contains confidential information
  • Unlicensed images included in webflow templates or used during site design stages still being associated with a client against the policy of stock warehouses.

I propose a number of potential solutions that could close this security concern:

1) In the asset manager, have a tickbox to show all "archived" files, so they can be deleted fully

2) When deleting a file, assume it is to be deleted permanently, but ask if the user would like to maintain a copy for backup purposes

3) Store all backup-only assets in a secure bucket within Webflow's AWS environment rather than have them remain on a publicly accessible server.

https://forum.webflow.com/t/final-deletion-of-a-file-in-the-asset-manager/76133/7 for more info.

  • Michael Naylor
  • Jan 21 2019
  • Administrator commented
    06 Feb 01:08

    THIS IS SIGNIFICANT!  It is already a problem that it is not "white labeled" and discloses Webflow and then to top it off it permanently exists?!