We have a course which has been made available to guests, but is protected with a password. Guests must enter the password in order to enter the course, and only a limited number of people have been given this password.
However, if a user goes directly to a file resource within the course (if they have the direct URL), it does not prompt them to enter the password. It takes them straight to the resource, therefore making the resource publicly accessible, as though it were not even within Moodle.
For example:
http://mymoodlesite.com/pluginfile.php/374/mod_resource/content/12/index.html
Can anyone please advise if there is a setting I need to check in order to make the resources within the course inherit the password protection assigned to the course?