I-AM-OBODO Posted November 21, 2008 Share Posted November 21, 2008 Helo, I have a file i don't want unauthorised users to access. I created a login to the page restricting access, but if one knows the name of the file and type it on the browser the file loads and subsiquently can be accessed and downloaded. eg www.mysite.com/user/getfile/file.exe the file to be protected is the file.exe and its located on the get file page which you can access only if you have a valid username and password. but if typed the address as shown above file is downloaded. how do i restrict access to this file? please and thanks Link to comment https://forums.phpfreaks.com/topic/133633-secure-file/ Share on other sites More sharing options...
Mark Baker Posted November 21, 2008 Share Posted November 21, 2008 Move it outside of the /htdocs tree Link to comment https://forums.phpfreaks.com/topic/133633-secure-file/#findComment-695223 Share on other sites More sharing options...
Mark Baker Posted November 21, 2008 Share Posted November 21, 2008 Move it outside of the /htdocs tree Use an .htaccess file to restrict access to files with an extension of .exe Link to comment https://forums.phpfreaks.com/topic/133633-secure-file/#findComment-695224 Share on other sites More sharing options...
mtoynbee Posted November 21, 2008 Share Posted November 21, 2008 A few options: Hide the link by forcing a download dialog using PHP headers. http://uk.php.net/header Store the file as a BLOB (MySQL) in the database and output via headers http://dev.mysql.com/doc/refman/5.0/en/blob.html setup a .htaccess file (for Apache server) on that specific file so that the user cannot access it directly withouth being prompted for a password. http://httpd.apache.org/docs/1.3/howto/htaccess.html Link to comment https://forums.phpfreaks.com/topic/133633-secure-file/#findComment-695225 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.