Preventing access to files if a user types the full url on the address bar
Posted
by
bogha
on Server Fault
See other posts from Server Fault
or by bogha
Published on 2009-09-25T18:04:02Z
Indexed on
2012/09/16
3:41 UTC
Read the original article
Hit count: 616
i have a website, some folders on the websites contains images and files like .pdf , .doc and .docx . the user can easly just type the address in the url to get the file or display the photo
http://site/folder1/img/pic1.jpg
then boom.. he can see the image or just download the file
my question is: how to prevent this kind of action, how can i guarantee a secure access of the files.
any suggestions
UPDATE TO CLARIFY MY IDEA
i don't want any user who is browsing the website to get access to these files normally by just writing the URL of the file. those files are a CV files, they are being uploaded by the users to a specific folder on the server which we host outside the company. those files are only being viewed by the HR people through a special system. that's the scenario we want. i don't want a WEB GEEK who just wants to see what files has been uploaded to this folder to download them easly to his/her computer and view them or publish them on the internet. i hope you got my idea
© Server Fault or respective owner