Protecting folder in public_html
https://stackoverflow.com//questions/9626004
-
09-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have a music sharing site and realize that the files on my site are not necessarily protected as they are stored in a subfolder in public_html. I need to protect them in a way that they still work for anyone in the music player, which located on a listen.php page. However, if the user goes directly to a file, such as this http://www.pearlsquirrel.com/mp3/95d246c26a7c003cdac86ead05659b37.m4a. I do not want them to be able to download the file so as to protect my users. However, I can not add any code to that page because it is an mp3. Is there a way to add an index to the folder that would allow for me to add javascript to that page? I tried using .htaccess but had no luck with it. If anyone knows how I could possibly solve this problem, it would be greatly appreciated. Thanks!
Solution
Stu Thompson explains a few ways well in this post - Protect flash video from download/right protect also, this link may be of particular usefulness for you - Is it possible to protect from downloading a video from a site
OTHER TIPS
try with .htaccess to:
- forbid directory listing
- check the urlreferrer / remote IP address
But if, depending on the way you play the file to the user, if there is a direct access to the file, it will be hard to secure.
You could rewrite your music file's URLs to a PHP script, check some login via session and output the music file only if the user is logged in.
You could also put a copy of a mp3, that a user is listening to with a session id in the name and remove it after the session get's invalid. This way every user has it's own URL that will not be active permanently.
