Restricting files, folders etc

[bigheadedd]

Hi,

 

I was wondering if anyone can potentially help me on this one. I'm not so hot with htaccess/apache so any help would be hugely appreciated!

 

Okay..

So i'm serving a selection of files from my website, but want them restricted so that no one can go to the file and download it.

I've currently got that working via this code:

 

SetEnvIf Referer mywebsite\.com localreferer
SetEnvIf Referer sub.mywebsite\.com localreferertwo
SetEnvIf Referer subtwo.mywebsite\.com localrefererthree

<FilesMatch \.(eot|woff|ttf|svg)$>
Header add Access-Control-Allow-Origin "*"
Order deny,allow
Deny from all
Allow from env=localreferer
Allow from env=localreferertwo
Allow from env=localrefererthree
</FilesMatch>

 

This currently works, and going to the location of an eot, woff etc is presented with a 403 forbidden warning, yet when my website (or sub domains etc) calls the files, it all displays them correctly etc. Hoorah!

 

However, when I call these files from another server, it allows the files to be displayed. How can I prevent this from happening?

I would of course like to be able to maybe make an exception for one or two websites, but generally I don't want others being able to use my files.

 

I thought I may be able to do this via hotlink prevention, however this resulted in problems displaying it on my own site for some reason.

 

If anyone can help that'd be great.

 

Thanks,

Edd