Hidden web files and downloads

It can important to protect your webfiles from being seen and downloaded from the public. Examples of files needing to be protected can be .inc files for script inclusion and files that should not be downloaded before a customer pays.

If you have Apache2, you can edit your domain file that normally exist in /etc/apache2/sites-available and add this:

<Directory "/home/myuser/public_www/download_or_data/"> Order allow,deny Deny from all </Directory>

When a visitor now tries to open your files directly through the relative URL, he will not get access to view or download it. PHP scripts themself can however properly forward vistors to download files, and include datafiles from such directories.

Written by: Dag Jonny Nedrelid
©2007-2012 http://thronic.com

Feel free to leave a comment.
Name:
URL:

0

Thronic.com

|

Home

|

About

|

Articles

|

Links
- Projects
- Curriculum vitae

|