deny direct access to a files but allow php and html to read it from .htaccess
Question
I need to know how do i deny access to a image files folder but allow it to be read it from php/html only.
I think best way is to use .htaccess in that folder something like
deny from all
Options -indexes
AddHandler cgi-script .php .htm .html .sh
Options -ExecCGI
but this doesnt work, since i have to have in the root folder .htaccess following
<FilesMatch "\.(gif|jpe?g|doc?x|pdf|zip|png)$">
AddHandler cgi-script .php .htm .html .sh
Allow from all
</FilesMatch>
<Files 403.shtml>
order allow,deny
allow from all
</Files>
solution
RewriteCond %{HTTP_HOST} ^xxx.com$
RewriteRule ^/?$ "http\:\/\/www\.xxx\.com\/index\.php" [R=301,L]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?xxx\.com/.*$ [NC]
RewriteRule _files/photo/([^/]+)\.(gif|png|jpg)$ - [F]
didnt work either... ? any experts ?
La solution
Replace your existing code with this:
RewriteCond %{HTTP_HOST} ^xxx\.com$
RewriteRule ^$ http://www.xxx.com/index.php [R=301,L]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?xxx\.com/ [NC]
RewriteRule ^_files/photo/[^.]+\.(jpe?g|gif|bmp|png)$ - [F,NC]
Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow