WampServer
Apache, PHP, MySQL
on Windows
apache and htaccess
Posted by:
bazaarboy
(---.4-4.cable.virginmedia.com)
Date: January 03, 2012 10:07PM
Hi I'm running WAMP and want to restrict access to a directory (it contains PDF documents)
I would like my users who are logged in to access these files, but prevent anyone not logged in from accessing the documents by simply linking to the URL
How can this be done?
Thanks
I would like my users who are logged in to access these files, but prevent anyone not logged in from accessing the documents by simply linking to the URL
How can this be done?
Thanks
Re: apache and htaccess
Posted by:
stevenmartin99
(---.b-ras1.srl.dublin.eircom.net)
Date: January 03, 2012 10:45PM
how are they "logged in"
most likely its sessions... so dont use htaccess but use the SESSION KEY to do it
Steven Martin
stevenmartin99@gmail.com
stevenmartin99@hotmail.com
PampServer.com - [pampserver.com]
most likely its sessions... so dont use htaccess but use the SESSION KEY to do it
Steven Martin
stevenmartin99@gmail.com
stevenmartin99@hotmail.com
PampServer.com - [pampserver.com]
Re: apache and htaccess
Posted by:
bazaarboy
(---.4-4.cable.virginmedia.com)
Date: January 03, 2012 11:00PM
thanks - is this done within httpd.conf??
Re: apache and htaccess
Posted by:
stevenmartin99
(---.b-ras1.srl.dublin.eircom.net)
Date: January 04, 2012 01:09AM
no , in your script , the user is logged in...
so only show the folder to the user. at the top of the file in the "special folder" check that they are logged in using the SESSION KEY" - Otherwise redirect them.
is this your own coding or a CMS?
Steven Martin
stevenmartin99@gmail.com
stevenmartin99@hotmail.com
PampServer.com - [pampserver.com]
so only show the folder to the user. at the top of the file in the "special folder" check that they are logged in using the SESSION KEY" - Otherwise redirect them.
is this your own coding or a CMS?
Steven Martin
stevenmartin99@gmail.com
stevenmartin99@hotmail.com
PampServer.com - [pampserver.com]
Re: apache and htaccess
Posted by:
bazaarboy
(---.nhs.uk)
Date: January 04, 2012 09:28AM
i'll give you an example,
the site is intranet only and uses SESSION based authentication
for illustration, let's say it works like this:
in the www folder we have a "site" folder and a "docs" folder
if you are logged into [server] you can access [server]
but the problem is anyone within the intranet can go directly to [server]
and view the PDF
I thought perhaps that htaccess, using a referrer conditional statement could prevent direct access to the PDFs, unless the URL request originates from within the [server]
Or, do I have this wrong?
Your method is just as welcome, ie users being unable to to directly access [server]
unless they are authenticated -
just not sure how to achieve this in practice...
thank you
the site is intranet only and uses SESSION based authentication
for illustration, let's say it works like this:
in the www folder we have a "site" folder and a "docs" folder
if you are logged into [server] you can access [server]
but the problem is anyone within the intranet can go directly to [server]
and view the PDF
I thought perhaps that htaccess, using a referrer conditional statement could prevent direct access to the PDFs, unless the URL request originates from within the [server]
Or, do I have this wrong?
Your method is just as welcome, ie users being unable to to directly access [server]
unless they are authenticated -
just not sure how to achieve this in practice...
thank you
Sorry, only registered users may post in this forum.
