Reputation: 156
Limiting access to folder based on session/cookies
I want to control the access to a folder on my website. The folder contains index.html and a lot of other stuff, so I can't restrict access based on a verification on the index.php file, because people can still access placing index.html on the end of the url.
I searched about some solutions, but I'm very new to PHP, so I didn't understand very well.
I know I can place a .htaccess file that blocks access to the folder. But can this rule be conditional based on a Session?
I read something about using cookies to block, can this be conditional in .htaccess file?
Also, the folder I want to block have subfoders, does .htacess rules extends to the subfolders as well?
Upvotes: 1
Views: 1005
Answers (1)
Reputation: 1792
basically what you have to is to redirect all requests to the folder to a custom script. the script handles the request, validates the session and decides what to return.
heres an example for the htaccess
RewriteEngine On
RewriteRule !^foder1/folder2(/|$) index.php?file=%{REQUEST_URI} [L]
Upvotes: 2
Related Questions
- Only allow access to files if logged in (htaccess?)
- .htaccess to restrict access to folder
- Deny access to a folder when accessed from certain url
- Deny a folder to be viewed unless authenticated and access to a folder outside website root
- htaccess deny acces to directory if logged out (checked with php)
- Protecting directories with htaccess by checking logged in user
- How to restrict a session to a directory only in PHP?
- How do I make certain files accessible just for PHP scripts?
- cookie-session based access restriction in apache
- Restrict file access to authorized php users