• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 179
  • Last Modified:

Protect_fiile

If i have a public directory on Apache with a few public files.
is it possible to add one file and protect it using userid/password or password only.
How can i do this

Is it possible also to upload it to a database table and have a link to it that opens it like a file system. That would require more code though.
0
sam15
Asked:
sam15
  • 3
  • 2
1 Solution
 
a1aaitCommented:
You can restrict access to a file by using an .htaccess file in its directory.  You will need to point it to a password file, best kept in a different, non-public directory. (or an authentication server)
Here is a decent description:
http://www.euronet.nl/~arnow/htpasswd/documentation.html

As for uploading an image to a database and retrieving it as a file:  You can do this with MySQL and PHP.
Here is the basic way to it:
http://www.wellho.net/solutions/php-example-php-form-image-upload-store-in-mysql-database-retreive.html

0
 
sam15Author Commented:
so you can restrict access to a file in a specific directory or create a protected diretory and limit access to it?

Do you have to mess up with the main .htaccess and .paswrd files or you create a second copy and place it in this directory.
0
 
a1aaitCommented:
You can protect the directory and/or specific files in it, on the user and group levels.

Yes, you have to edit the .htaccess file for that folder if one already exists.  You can create an additional password file for each directive if you want, as you specify the password file for each directive.

You would add something like this to the .htaccess file:

<Files secret.html>
order deny,allow
deny from all
AuthUserFile /home/user/.htpasswd
AuthType Basic
require valid-user
satisfy all
</Files>

You would also need to create the file /home/user/.htpasswd (only an example - you can put it anywhere outside your publicly readable directories)
There are a lot of options for .htaccess. (this also shows how to make a .htpasswd file on the server if you have shell access)
http://corz.org/serv/tricks/htaccess.php

0
 
sam15Author Commented:
great one last question

can I have one userid/password for ALL users or one userid/password for everyone. Does apache allow you to configure both.
0
 
a1aaitCommented:
You can make one or many userid/passwords.  The example only requires a "valid-user" which just means they exist in the .htpasswd file.    Another option is to just use one userid, but change the pw now and again and only send the new password to those who should have it currently.  You can't really track who is doing what this way.
0

Featured Post

Get quick recovery of individual SharePoint items

Free tool – Veeam Explorer for Microsoft SharePoint, enables fast, easy restores of SharePoint sites, documents, libraries and lists — all with no agents to manage and no additional licenses to buy.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now