Reputation: 1605
prevent direct download of zip, tar files through URL
I have a PHP app whose directory has some zip, tar files. I recently noticed that they are available for download directly through the URL. How can i stop that? I think, maybe through .htaccess.
My .htaccess as of now is like this:
Options All -Indexes
IndexIgnore *
IndexIgnore *.jpg *.gif *.xls *.jpeg *.png *.php
ErrorDocument 404 /error.php
ErrorDocument 403 /error.php
Upvotes: 0
Views: 4014
Answers (3)
Reputation: 809
maybe it's too late but you also can use this method
RewriteRule .*\.(zip|jpg|php|gif|js)$ - [F,NC]
Upvotes: 1
Reputation: 1711
To prevent access to specific files,
you can use the directive <Files> in your .htaccess
<Files ~ "\.zip$">
Order allow,deny
Deny from all
</Files>
Since Apache 1.3, recommandation is to use <FilesMatch> instead, which allows the filenames to be matched against regular expresssions
For example, the following code will block access to files ending in .ini, .log, .sh and .zip
<FilesMatch "\.(ini|log|sh|zip)$">
Order Allow,Deny
Deny from all
</FilesMatch>
Upvotes: 3
Reputation: 2916
Did you try to modify permissions to that files? i think that modifying permissions to 600 or something might work
Upvotes: 1
Related Questions
- Deny direct file download from webserver by URL
- Use .htaccess to limit access to file downloads
- DENY direct download of file using php
- How to block direct download file
- How to prevent a file from being Directly Downloaded & Veiwed Via URL
- Prevent users from downloading files in a specific directory
- How block access to url directory
- disable downloading of the PHP files
- htaccess or other method to prevent zip file download?