Jump to content

help on creating a secure download system


darkcarnival

Recommended Posts

hello,

I'm helping a fellow script site with their downloads by providing a alt link(since he gets so many hits and all) and I want to be able to add some security to the download system i have for this.

basically i have done some reading and ive seen many do some with http_referer to prevent a bandwidth attack, but I do not know how to do such a thing.

first off is this possible with php itself or do i need to alter something in apache to work along with this?

any help at all is fine :)

thanks.
Link to comment
Share on other sites

Basically there is no short answer for this.

I would not rely on HTTP_REFERER since some firewalls or browsers will not send it, and also some browsers can fake this header.

You could (should) create a download php script which will send the file to the user without revealing it's real location. Then, you can add some security to this php script (i.e.: login / password).
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.