l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2005 Mar 10 16:31

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox-tech] Apache question: preventing direct access to files
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox-tech] Apache question: preventing direct access to files

We've got some .pdf documents on our website that we'd rather people not
view by directly typing the URL into the browser; we want them to get
there via a link.

My boss is convinced that we can do this using the same tricks with the
.htaccess file that can be used to prevent images from being stolen.  I'm
not entirely sure about that.

Here's the .htaccess file in question.  I've kept all my failed attempts
and commented them out.  Any help would be grand.  The first one -- using
mod_auth_cookie -- seemed to work (because users shouldn't even be in that
directory unless they have logged in) but we needed a broader solution.

#AuthName "DLC Resource Only"
#AuthType Basic
#AuthUserFile /web/config/users.txt
#AuthGroupFile /web/config/groups.txt
#Require group members
#AuthCookieName CFTOKEN

#<FilesMatch "\.pdf$">
#SetEnvIf Referer ""; local_referrer=1
#Order Allow, Deny
#Deny from all
#Allow from env=local_referrer

#RewriteEngine on
#RewriteCond %{HTTP_REFERER} !=""
#RewriteCond %{HTTP_REFERER}
#RewriteRule .*\.pdf$ - [F]

#SetEnvIf Referer "^"; internal

#<Limit GET POST>
#order deny,allow
#deny from all
#allow from env=internal

Richard S. Crawford (AIM: Buffalo2K)
http://www.mossroot.com   http://www.stonegoose.com/catseyeview
"We live as though the world were how it should be,
to show it what it can be."
--"Angel", Season 4 ep. 1
vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.