Reputation: 584
(apache) how to make folder content downloadable only? (treat all files as downloadable object ONLY)
i am trying to implement a user system (PHP) where every user has a unique files folder, the user can upload any files to that folder and download it later.
current restriction are: string of 'htaccess' inside file names is replaced with 'hhtaccesss'. no sub folders are created.
my question: is there any way (.htaccess or other) to make those files for download purpose only? in order to ensure that none of those unknown files will be run on the system?
sub question is there any danger zip/unzip those files?
example: if the user types a direct url to a .php file, the system will not process the file(which can be harmful) and instead just 'deliver' it to the user? same for all types of scripts/files..
Upvotes: 1
Views: 1909
Answers (2)
Reputation:
in .htaccess in the appropriate directory add
ForceType application/octet-stream
Header set Content-Disposition attachment
should force the browser to download any file no matter the type. can use <FilesMatch .. if you want to leave some intact.
Upvotes: 1
Reputation: 4337
One of the solutions would be to not expose the files directly. E.g. store them in a non-public directory and serve them through another page, e.g. download.php, which could read the file contents and then output and serve them with "Content-Disposition: attachment;" header.
Upvotes: 1
Related Questions
- prevent direct download of zip, tar files through URL
- Force all files under the specific path to download (not open in browser) using .htaccess
- Use .htaccess to limit access to file downloads
- How to make files ONLY downloadable, not readable by client
- Prevent users from downloading files in a specific directory
- .htaccess allow upload to directory, prevent download
- protect files download in a folder on server &.htacess visible
- .htaccess, deny to download files within a directory
- htaccess set specific file to download only
- htaccess or other method to prevent zip file download?