Use .htaccess to limit access to file downloads

Posted by jimiyash on Stack Overflow See other posts from Stack Overflow or by jimiyash
Published on 2011-01-11T06:50:02Z Indexed on 2011/01/11 6:53 UTC
Read the original article Hit count: 192

Filed under:
|

I have downloads for static files like product.exe. I want to limit access to these files with a .htaccess file so that only certain users can download it.

I think this can be handled with mod_rewrite and I found this snippet online that blocks bad sites using the referrer.

RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} http://example.com/downloads/confirm/3811 [NC,OR]
RewriteRule .* - [F]

Source: http://www.javascriptkit.com/howto/htaccess14.shtml

Instead of blocking based on referrer, I want to allow based on referrer. That way, the referrer can be a URL that cannot be accessed without first logging in. I am thinking about going this route and using the http referrer to give permission to the file. I know it may not be the best way to do it, and I guess the referrer can be spoofed, but it does not have to be THAT secure. I am also open to other ideas you may have to for limitting access. Please

© Stack Overflow or respective owner

Related posts about apache

Related posts about .htaccess