darkcarnival Posted May 27, 2006 Share Posted May 27, 2006 hello,I'm helping a fellow script site with their downloads by providing a alt link(since he gets so many hits and all) and I want to be able to add some security to the download system i have for this.basically i have done some reading and ive seen many do some with http_referer to prevent a bandwidth attack, but I do not know how to do such a thing.first off is this possible with php itself or do i need to alter something in apache to work along with this?any help at all is fine :)thanks. Quote Link to comment https://forums.phpfreaks.com/topic/10582-help-on-creating-a-secure-download-system/ Share on other sites More sharing options...
poirot Posted May 27, 2006 Share Posted May 27, 2006 Basically there is no short answer for this. I would not rely on HTTP_REFERER since some firewalls or browsers will not send it, and also some browsers can fake this header.You could (should) create a download php script which will send the file to the user without revealing it's real location. Then, you can add some security to this php script (i.e.: login / password). Quote Link to comment https://forums.phpfreaks.com/topic/10582-help-on-creating-a-secure-download-system/#findComment-39464 Share on other sites More sharing options...
darkcarnival Posted May 28, 2006 Author Share Posted May 28, 2006 i dont want to add a password to it since im doing that now and i get alot of people bitching about it ;)when not showing the real location mean like doing:download.php?id=2i might go ahead and do that. Quote Link to comment https://forums.phpfreaks.com/topic/10582-help-on-creating-a-secure-download-system/#findComment-39573 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.