mahen3d
Reputation: 7734
deny direct access to a files but allow php and html to read it from .htaccess
I need to know how do i deny access to a image files folder but allow it to be read it from php/html only.
I think best way is to use .htaccess in that folder something like
deny from all
Options -indexes
AddHandler cgi-script .php .htm .html .sh
Options -ExecCGI
but this doesnt work, since i have to have in the root folder .htaccess following
<FilesMatch "\.(gif|jpe?g|doc?x|pdf|zip|png)$">
AddHandler cgi-script .php .htm .html .sh
Allow from all
</FilesMatch>
<Files 403.shtml>
order allow,deny
allow from all
</Files>
solution
RewriteCond %{HTTP_HOST} ^xxx.com$
RewriteRule ^/?$ "http\:\/\/www\.xxx\.com\/index\.php" [R=301,L]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?xxx\.com/.*$ [NC]
RewriteRule _files/photo/([^/]+)\.(gif|png|jpg)$ - [F]
didnt work either... ? any experts ?
Upvotes: 3
Views: 2610
Answers (1)
anubhava
Reputation: 785156
Replace your existing code with this:
RewriteCond %{HTTP_HOST} ^xxx\.com$
RewriteRule ^$ http://www.xxx.com/index.php [R=301,L]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?xxx\.com/ [NC]
RewriteRule ^_files/photo/[^.]+\.(jpe?g|gif|bmp|png)$ - [F,NC]
Upvotes: 2
Related Questions
- Block direct access to a file over http but allow php script access
- Prevent direct access to .php files in .htaccess
- How do you prevent direct access to a file in Apache?
- Prevent direct url access to files
- .htaccess: deny direct access to files in specific case
- Prevent direct file access
- Deny direct access to files using htaccess
- Disallow direct access to a file in htaccess?
- Prevent access to files from Apache without .htaccess
- Restrict direct file access with Apache .htaccess