[RESOLVED] how to prevent a request from outside my website via .htaccess

**fjober** · Aug 18th, 2012, 06:24 PM

Hi

I have a folder "files" which is located in the public_html folder, it has documents and files. These files are only available for registered users, I am managing download via "download.php" file which doesn't view the document url (using header function).

but if the user did some tricks and knew the folder path with file name, he could download it even without permissions, so please help to prevent this type of request, I know this is htaccess job but don't know how to do it

thanks

**penagate** · Aug 19th, 2012, 07:28 AM

Move 'files' up one level.

**akhileshbc** · Aug 19th, 2012, 09:23 AM

You could also create an htaccess file in that directory, with the statement:

Code:

deny from all

That would deny direct access to the files in that directory.

**fjober** · Aug 19th, 2012, 03:14 PM

nice trick from you mr. penagate

I am compelled to use htaccess because I need to include some videos from 'files' too (this was not mentioned above, sorry) thanks very much akhileshbc

**penagate** · Aug 19th, 2012, 07:35 PM

Originally Posted by fjober

nice trick from you mr. penagate

It's the standard way of controlling access.

Even if the files are outside the web root directory, you can still serve them using a script, which also takes care of authentication.

**fjober** · Aug 19th, 2012, 07:46 PM

hmmmm

, double like

thanks very much

Thread: [RESOLVED] how to prevent a request from outside my website via .htaccess

Thread Tools

Display

[RESOLVED] how to prevent a request from outside my website via .htaccess

Re: how to prevent a request from outside my website via .htaccess

Re: how to prevent a request from outside my website via .htaccess

Re: how to prevent a request from outside my website via .htaccess

Re: how to prevent a request from outside my website via .htaccess

Re: how to prevent a request from outside my website via .htaccess

Posting Permissions