swharrell Posted February 25, 2011 Share Posted February 25, 2011 I previously asked this question in the Apache Server forum with no reply so I'm thinking maybe that was the wrong area to post it in. I have a directory with media files in it (mp3's, videos etc.) that I want to secure from being downloaded yet be able to be played by a local player on the site. I was thinking of trying to secure the directory using .htaccess and .htpasswd files. I would then like to have the page the player is on pass the login credentials to allow the media files to be played. I do not want the user to be prompted for login credentials but if they tried to access the directory to download a file they would be denied. The server is (of course) Apache 2.2.17 and the scripting languages are php (version 5.2) and jQuery. Is this possible or am I going about this the wrong way? Thanks in advance. P.S. Yes, I have extensively searched for answers before posting but could not find the answer I was looking for. Quote Link to comment Share on other sites More sharing options...
cunoodle2 Posted February 25, 2011 Share Posted February 25, 2011 I know there was recently a similar thread on this. I would suggest using a flash player. Quote Link to comment Share on other sites More sharing options...
ChemicalBliss Posted February 25, 2011 Share Posted February 25, 2011 Your looking for anti-leeching? I garuntee there are thousands of snippets/tutorials and bits of info on the subject . But for your htaccess, the easiest method imo, is to use mod_rewrite (rewrite_engine in apache). Like so: Options +FollowSymLinks +Indexes RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(www.)mydomain.com [NC] RewriteRule .(exe|zip|rar)$ - [F] Put this in your top-level .htaccess file, also, change "mydomain.com" to your domain name you want to allow and it should protect any exe/zip or rar file from being directly downloaded. Scripts can something like <?php $file = "sometest.rar"; $filepath = "myfiles/"; if(!file_exists($filepath.$file)){ exit("File not found!"); } header("Content-type: application/x-rar-compressed"); header('Content-Disposition: attachment; filename="'.date("dmy").'_'.$file); readfile($filepath.$file); ?> to transmit the file to the client. hope this helps Quote Link to comment Share on other sites More sharing options...
swharrell Posted February 25, 2011 Author Share Posted February 25, 2011 cunoodle2, I had thought about using flash but wanted to stay away from it if possible. ChemicalBliss, Thank you. That is very helpful. I will give it a try and also do some more research on 'anti-leaching'. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.