Welcome to WebmasterWorld Guest from

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Making a directory unaccessable other than from the server itself

A file hosting website doesn't want direct viewing of files, only downloads

2:39 pm on Jan 24, 2010 (gmt 0)

New User

5+ Year Member

joined:Jan 24, 2010
votes: 0

Hi there, I have the file hosting website which I just started. I have it set up that there is a directory called "Files" where all the files are stored, then in a seperate directory there is "download" which contains the files needed to download a file from the files directory. So if you go to foo.com/dl/filename.jpg, it will download the file (using an htaccess shortcut, actual route is foo.com/download/index.php?file=filename.jpg). However, if you accessed this file directly by going to the source of the file, foo.com/files/filename.jpg, then you will be viewing the image. The more primary concern is the viewing of html or php files, I don't want a website hosting site to implant itself! How do I prevent the access of these files ONLY by my download directory, but not in the files directory itself? Thanks!
3:02 pm on Jan 24, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
votes: 0

See the documentation for Apache [httpd.apache.org] mod_access and Apache core appropriate to your server version number.

Put a .htaccess file in the /files subdirectory containing

Options -Indexes
Order Deny,Allow
Deny from all