deny direct access to a files but allow php and html to read it from .htaccess

StackOverflow https://stackoverflow.com/questions/10815712

  •  11-06-2021
  •  | 
  •  

Вопрос

I need to know how do i deny access to a image files folder but allow it to be read it from php/html only.

I think best way is to use .htaccess in that folder something like

deny from all
Options -indexes
AddHandler cgi-script .php .htm .html .sh
Options -ExecCGI

but this doesnt work, since i have to have in the root folder .htaccess following

<FilesMatch "\.(gif|jpe?g|doc?x|pdf|zip|png)$">
AddHandler cgi-script .php .htm .html .sh
Allow from all
</FilesMatch>
<Files 403.shtml>
order allow,deny
allow from all
</Files>

solution

RewriteCond %{HTTP_HOST} ^xxx.com$
RewriteRule ^/?$ "http\:\/\/www\.xxx\.com\/index\.php" [R=301,L] 
RewriteCond %{HTTP_REFERER} !^http://(www\.)?xxx\.com/.*$ [NC]
RewriteRule _files/photo/([^/]+)\.(gif|png|jpg)$ - [F] 

didnt work either... ? any experts ?

Это было полезно?

Решение

Replace your existing code with this:

RewriteCond %{HTTP_HOST} ^xxx\.com$
RewriteRule ^$ http://www.xxx.com/index.php [R=301,L] 

RewriteCond %{HTTP_REFERER} !^http://(www\.)?xxx\.com/ [NC] 
RewriteRule ^_files/photo/[^.]+\.(jpe?g|gif|bmp|png)$ - [F,NC]
Лицензировано под: CC-BY-SA с атрибуция
Не связан с StackOverflow
scroll top