We help IT Professionals succeed at work.
Get Started

File Security

steva
steva asked
on
247 Views
Last Modified: 2012-06-27
I have a directory in my web space with images that I sell. PHP code validates payment through PayPal and then delivers the purchased image as an email attachment to the buyer. My concern is someone gaining access directly to the folder of images and downloading everything.

I can give the folder an unguessable name so no one can enter

                          www.mysite/unguessablefolder/image.jpg.

But if someone got a hold of the PHP code they would see there the unguessable name.  My understanding, though, is that Apache won't serve up any .php files so even if they knew the php file they needed was "fulfillorder.php" they couldn't get it from the server.  

Am I thinking straight here or is there something else I should be doing to protect the images?

Thanks for any ideas.
Steve

Comment
Watch Question
Commented:
This problem has been solved!
Unlock 1 Answer and 10 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE