secure file

I-AM-OBODO · November 21, 2008

Helo,

I have a file i don't want unauthorised users to access. I created a login to the page restricting access, but if one knows the name of the file and type it on the browser the file loads and subsiquently can be accessed and downloaded. eg www.mysite.com/user/getfile/file.exe

the file to be protected is the file.exe and its located on the get file page which you can access only if you have a valid username and password. but if typed the address as shown above file is downloaded.

how do i restrict access to this file? please and thanks

Mark Baker · November 21, 2008

Move it outside of the /htdocs tree

Mark Baker · November 21, 2008

Move it outside of the /htdocs tree

Use an .htaccess file to restrict access to files with an extension of .exe

mtoynbee · November 21, 2008

A few options:

Hide the link by forcing a download dialog using PHP headers.

http://uk.php.net/header

Store the file as a BLOB (MySQL) in the database and output via headers

http://dev.mysql.com/doc/refman/5.0/en/blob.html

setup a .htaccess file (for Apache server) on that specific file so that the user cannot access it directly withouth being prompted for a password.

http://httpd.apache.org/docs/1.3/howto/htaccess.html

Sign In

secure file

Recommended Posts

I-AM-OBODO

Link to comment

Share on other sites

Mark Baker

Link to comment

Share on other sites

Mark Baker

Link to comment

Share on other sites

mtoynbee

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information