darkcarnival Posted May 27, 2006 Share Posted May 27, 2006 hello,I'm helping a fellow script site with their downloads by providing a alt link(since he gets so many hits and all) and I want to be able to add some security to the download system i have for this.basically i have done some reading and ive seen many do some with http_referer to prevent a bandwidth attack, but I do not know how to do such a thing.first off is this possible with php itself or do i need to alter something in apache to work along with this?any help at all is fine :)thanks. Link to comment https://forums.phpfreaks.com/topic/10582-help-on-creating-a-secure-download-system/ Share on other sites More sharing options...
poirot Posted May 27, 2006 Share Posted May 27, 2006 Basically there is no short answer for this. I would not rely on HTTP_REFERER since some firewalls or browsers will not send it, and also some browsers can fake this header.You could (should) create a download php script which will send the file to the user without revealing it's real location. Then, you can add some security to this php script (i.e.: login / password). Link to comment https://forums.phpfreaks.com/topic/10582-help-on-creating-a-secure-download-system/#findComment-39464 Share on other sites More sharing options...
darkcarnival Posted May 28, 2006 Author Share Posted May 28, 2006 i dont want to add a password to it since im doing that now and i get alot of people bitching about it ;)when not showing the real location mean like doing:download.php?id=2i might go ahead and do that. Link to comment https://forums.phpfreaks.com/topic/10582-help-on-creating-a-secure-download-system/#findComment-39573 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.