Hey everybody, this is my situation: I have a content management site where multiple users can manage their files. Each user has it's own personal folder, for example [code] /userdata /user1 /user2 /user3 [/code] The website is made with php, mysql and secured with user authentication via mysql and a php session. Sow the data in mysql is secured but now I want to secure the files in the personal folders sow that user1 cant delete files in the "/userdata/user2" dir and user1 can't upload or even look at files in the "/userdata/user1" folder without using my php website. Is it possible to let the folder "/userdata" (and all subfolders) only allow traffic from the php website (that has user authentication) and don't allow browsing from outside this website. my server: Apache/2.0.54 (Ubuntu) PHP/5.0.5-2ubuntu1.2