Prevent direct access to the documents

New to mod_rewrite? This is a good place to start.

Prevent direct access to the documents

Postby mkohan » Fri Oct 02, 2009 7:55 am

Hi

To prevent direct access to the documents(words,...) by users,
I want to create a rewrite rule that rewrites all reguests
for /documents/* redirect to checkFile.php?file=*
then the checkFile.php checks the users privileges.
what would be the
RewriteCond and RewriteRule.
Thanks,
MK
mkohan
 
Posts: 3
Joined: Fri Oct 02, 2009 7:34 am

Postby richardk » Sat Oct 03, 2009 8:16 am

Something like
Code: Select all
Options +FollowSymLinks

RewriteEngine On

RewriteRule ^documents/(.+)$ /checkFile.php?file=$1 [QSA,L]
richardk
 
Posts: 8800
Joined: Wed Dec 21, 2005 7:50 am

Postby mkohan » Mon Oct 05, 2009 3:26 pm

Thanks for your reply.
I tried it.
Problem with this is that when my program wants to access the document it could not access it, the documents blocked by that.
After googling, I think I have to add .htaccess to documents directory which only permits the Server IP address to have access to the documents.
Am I right?
MK
mkohan
 
Posts: 3
Joined: Fri Oct 02, 2009 7:34 am

Postby richardk » Tue Oct 06, 2009 10:36 am

Problem with this is that when my program wants to access the document it could not access it, the documents blocked by that.

Why does your script access the files via HTTP? That's inefficient, using readfile() or file_get_contents() (and a non-http:// path) would bypass Apache and mod_rewrite.

After googling, I think I have to add .htaccess to documents directory which only permits the Server IP address to have access to the documents.

Code: Select all
Options +FollowSymLinks

RewriteEngine On

RewriteCond %{REMOTE_ADDR} !^1\.2\.3\.4$
RewriteRule ^documents/(.+)$ /checkFile.php?file=$1 [QSA,L]
richardk
 
Posts: 8800
Joined: Wed Dec 21, 2005 7:50 am

Postby mkohan » Wed Oct 07, 2009 8:32 am

Thanks Richard,

I tried the code in httpd.conf file and it worked.
So I won't use it .htaccess file any more.
MK
mkohan
 
Posts: 3
Joined: Fri Oct 02, 2009 7:34 am


Return to Beginner's Corner

Who is online

Users browsing this forum: No registered users and 21 guests

cron