Yesideez Posted September 30, 2009 Share Posted September 30, 2009 My website has various files available for download but I only want to have those files accessible by scripts contained on the web server. I've got an empty index.php inside each folder so people can't browse the files but what I'd like to do is have them get "Access denied" by Apache rather than empty space. I borrowed a one liner from a friend's set-up which he uses to do exactly what I'm wanting to do: deny from all but this denies everything even if I try and download a file using the website so I then had a read up and came up with this: Order Deny,Allow Deny from all Allow from www.pictureinthesky.net Again, that denies everything access still. This is a direct link to one of the files: http://www.pictureinthesky.net/files/games/cfodder2.zip I've managed to set up a rewrite rule to prevent hotlinking but can it also be made to prevent users typing the URL directly into the browser? Any help gratefully appreciated! Quote Link to comment https://forums.phpfreaks.com/topic/176034-solved-trying-to-restrict-access-to-certain-folders-in-server/ Share on other sites More sharing options...
trq Posted September 30, 2009 Share Posted September 30, 2009 You need to move the files into a directory that is outside of your document root. You then serve the files via a php script to authorized users only. Quote Link to comment https://forums.phpfreaks.com/topic/176034-solved-trying-to-restrict-access-to-certain-folders-in-server/#findComment-927584 Share on other sites More sharing options...
Yesideez Posted September 30, 2009 Author Share Posted September 30, 2009 The files are inside their own folder already but it's how to authorise - that's the bit I'm stuck on. Quote Link to comment https://forums.phpfreaks.com/topic/176034-solved-trying-to-restrict-access-to-certain-folders-in-server/#findComment-927586 Share on other sites More sharing options...
trq Posted September 30, 2009 Share Posted September 30, 2009 Inside there own folder outside of your document root? Quote Link to comment https://forums.phpfreaks.com/topic/176034-solved-trying-to-restrict-access-to-certain-folders-in-server/#findComment-927588 Share on other sites More sharing options...
Yesideez Posted September 30, 2009 Author Share Posted September 30, 2009 Now I'm not sure I understand what you mean - if they're inside their own folder then they're outside of the document root :/ Quote Link to comment https://forums.phpfreaks.com/topic/176034-solved-trying-to-restrict-access-to-certain-folders-in-server/#findComment-927608 Share on other sites More sharing options...
trq Posted September 30, 2009 Share Posted September 30, 2009 Now I'm not sure I understand what you mean - if they're inside their own folder then they're outside of the document root :/ Not if those folders are within the document_root. eg; [pre] /home | | _ /web_doc_root | | _ /dir1 | | _ /dir2 [/pre] The contents of /home are outside your web document root and therefore unreachable via the web, dir1 and dir2 however are not and all files within them are directly accessible via http://yourdomain/dir1/*. Quote Link to comment https://forums.phpfreaks.com/topic/176034-solved-trying-to-restrict-access-to-certain-folders-in-server/#findComment-927615 Share on other sites More sharing options...
Yesideez Posted October 2, 2009 Author Share Posted October 2, 2009 Gotcha! Thanks for explaining that, I'll certainly be looking into relocating those file outside the public_html folder Quote Link to comment https://forums.phpfreaks.com/topic/176034-solved-trying-to-restrict-access-to-certain-folders-in-server/#findComment-929092 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.