Preventing access to files if a user types the full url on the address bar

Posted by bogha on Server Fault See other posts from Server Fault or by bogha
Published on 2009-09-25T18:04:02Z Indexed on 2012/09/16 3:41 UTC
Read the original article Hit count: 616

Filed under:
|
|
|

i have a website, some folders on the websites contains images and files like .pdf , .doc and .docx . the user can easly just type the address in the url to get the file or display the photo

http://site/folder1/img/pic1.jpg

then boom.. he can see the image or just download the file

my question is: how to prevent this kind of action, how can i guarantee a secure access of the files.

any suggestions

UPDATE TO CLARIFY MY IDEA

i don't want any user who is browsing the website to get access to these files normally by just writing the URL of the file. those files are a CV files, they are being uploaded by the users to a specific folder on the server which we host outside the company. those files are only being viewed by the HR people through a special system. that's the scenario we want. i don't want a WEB GEEK who just wants to see what files has been uploaded to this folder to download them easly to his/her computer and view them or publish them on the internet. i hope you got my idea

© Server Fault or respective owner

Related posts about html

Related posts about security