[RESOLVED] how to prevent a request from outside my website via .htaccess
Hi :)
I have a folder "files" which is located in the public_html folder, it has documents and files. These files are only available for registered users, I am managing download via "download.php" file which doesn't view the document url (using header function).
but if the user did some tricks and knew the folder path with file name, he could download it even without permissions, so please help to prevent this type of request, I know this is htaccess job but don't know how to do it :)
thanks :)
Re: how to prevent a request from outside my website via .htaccess
Move 'files' up one level.
Re: how to prevent a request from outside my website via .htaccess
You could also create an htaccess file in that directory, with the statement:
That would deny direct access to the files in that directory.
:wave:
Re: how to prevent a request from outside my website via .htaccess
:rolleyes: nice trick from you mr. penagate :)
I am compelled to use htaccess because I need to include some videos from 'files' too (this was not mentioned above, sorry) thanks very much akhileshbc :):):)
Re: how to prevent a request from outside my website via .htaccess
Quote:
Originally Posted by
fjober
:rolleyes: nice trick from you mr. penagate :)
It's the standard way of controlling access.
Even if the files are outside the web root directory, you can still serve them using a script, which also takes care of authentication.
Re: how to prevent a request from outside my website via .htaccess
hmmmm :), double like :) thanks very much