[nycbug-talk] direct file access denied via htaccess
Hans Zaunere
lists
Thu Jun 16 01:13:37 EDT 2005
> hi all am trying (dont even know if this is possible) to prevent anybody
> and all from accessing anhy files via http directly
>
> i know the proper syntax for preventing hotlinking
>
>
> # cat .htaccess
> RewriteEngine on
> RewriteCond %{HTTP_REFERER} .
> #RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain\.(com|net) [NC]
> RewriteRule \.(gif|jpg|bmp|mid|css)$ - [F,NC]
>
> but say that you know that i have a jpg at
> http://www.mydomain.com/stever/junk/001.jpg
>
> i need to prevent anybody from pasting that into their browser and
> getting that image. the above htaccess file aint working, how can i make
> this happen.
For this last paragraph, you can use:
http://httpd.apache.org/docs/mod/core.html#files
http://httpd.apache.org/docs/mod/core.html#filesmatch
And there's of course:
http://httpd.apache.org/docs/mod/core.html#directory
http://httpd.apache.org/docs/mod/core.html#directory
And:
http://httpd.apache.org/docs/mod/core.html#directory
http://httpd.apache.org/docs/mod/core.html#locationmatch
It just depends on how you exactly want Apache to behave.
---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org
AMP Technology
Supporting Apache, MySQL and PHP
More information about the talk
mailing list