bigheadedd Posted March 30, 2012 Share Posted March 30, 2012 Hi, I was wondering if anyone can potentially help me on this one. I'm not so hot with htaccess/apache so any help would be hugely appreciated! Okay.. So i'm serving a selection of files from my website, but want them restricted so that no one can go to the file and download it. I've currently got that working via this code: SetEnvIf Referer mywebsite\.com localreferer SetEnvIf Referer sub.mywebsite\.com localreferertwo SetEnvIf Referer subtwo.mywebsite\.com localrefererthree <FilesMatch \.(eot|woff|ttf|svg)$> Header add Access-Control-Allow-Origin "*" Order deny,allow Deny from all Allow from env=localreferer Allow from env=localreferertwo Allow from env=localrefererthree </FilesMatch> This currently works, and going to the location of an eot, woff etc is presented with a 403 forbidden warning, yet when my website (or sub domains etc) calls the files, it all displays them correctly etc. Hoorah! However, when I call these files from another server, it allows the files to be displayed. How can I prevent this from happening? I would of course like to be able to maybe make an exception for one or two websites, but generally I don't want others being able to use my files. I thought I may be able to do this via hotlink prevention, however this resulted in problems displaying it on my own site for some reason. If anyone can help that'd be great. Thanks, Edd Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.