[nycbug-talk] direct file access denied via htaccess
Francisco Reyes
lists
Wed Jun 15 21:19:35 EDT 2005
On Wed, 15 Jun 2005, Isaac Levy wrote:
> In a big-picture nutshell, I'm sad to report you cannot both provide access
> and deny access to the image files- the usual suite of obfuscation tricks are
> trivially bypassed by anyone who wants the images and has 20 minutes to spare
> figuring it out.
Not sure if this is possible, but....
How about having them in a directory outside the "root" for the domain and
have PHP get them..
ie
document root /usr/local/www/somedomain
images in
/usr/local/www/somedomain-pics
PHP would have to send the HTTP requests for the images though..
More information about the talk
mailing list