Solved

Is there any way to restrict the downloading of files within a subfolder using special .htaccess rules?

Posted on 2012-03-14
4
224 Views
Last Modified: 2012-08-13
We have a bunch of client files sitting in a "uploads" folder on our Apache-based site.  Although the directory itself is NOT browseable (403 forbidden - Directory Listing not allowed) ... the client has become concerned that the files themselves might be compromised somehow, .. or indexed by search engines.

Is there any way that we can apply special .htaccess rules to that uploads folder so that the files contained within it can only be downloaded using a PHP script (or something like that)?  We're just looking for a way to secure those files somehow -- without having to reprogram the site so that the file uploads are stored and served up from outside the site root.  Please advise.

Thanks
- Yvan
0
Comment
Question by:egoselfaxis
  • 2
4 Comments
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 37719925
For the most safety, move the directory outside of the WWW root.  But that said, if your server returns a 403 forbidden to browsers, you are also returning a 403 forbidden to search engines.  No compromise is likely at all since you're not sending the data -- just the "forbidden" headers.
0
 
LVL 15

Expert Comment

by:Ess Kay
ID: 37720064
here is some info for it

http://www.javascriptkit.com/howto/htaccess.shtml

hope it helps
0
 
LVL 6

Expert Comment

by:torakeshb
ID: 37723890
Refer to the article http://www.experts-exchange.com/OS/Linux/A_8789-How-websites-can-be-redirected.html. You may need some customization as per your requirement
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 37744101
Was there something wrong with this answer?  Why did you mark it down to a "B"?  What was missing?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Linux Mint 18 31 73
php refresh button on the browser 2 35
mysql update statement effect only some rows 4 26
linux redhat 7.2 10 29
Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now