Menu
So I have this php web app, and one of my folder contains some files that can be downloaded.
I have a download script that modifies the headers, in order to always offer a download link. (instead of showing a picture for example, when you click on a link, a download box pops out)
Right now, if you enter a url like: http://www.mywebsite.com/content/ You get the listing of all the downloadable files, and of course, you can just download them all, without going through the website interface.
Personally, I don't think it's a problem, since I often use downthemall or other downloading tool, and this type of access is a great time saver....
But of course my company does not think so :-p They want people to use the interface in order to view the Ads...
Would they be a way, maybe with a protected .htaccess, to leave the folder access to my download script, but deny access to the users...?
I hope I am making sense and you know what I mean :)
All help/remarks appreciated!
861
Move the folder out of the webserver's root directory so that apache will not server files from that directory at all. You can still include files from the folder if it is readable by the apache/http user, but your site users won't be able to access it from any url.
60
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
