PHP/Apache Deny folder access to user but not to script
- by Piero
Hey all,
So I have this php web app, and one of my folder contains some files that can be downloaded.
I have a download script that modifies the headers, in order to always offer a download link. (instead of showing a picture for example, when you click on a link, a download box pops out)
Right now, if you enter a url like: http://www.mywebsite.com/content/
You get the listing of all the downloadable files, and of course, you can just download them all, without going through the website interface.
Personally, I don't think it's a problem, since I often use downthemall or other downloading tool, and this type of access is a great time saver....
But of course my company does not think so :-p They want people to use the interface in order to view the Ads...
Would they be a way, maybe with a protected .htaccess, to leave the folder access to my download script, but deny access to the users...?
I hope I am making sense and you know what I mean :)
All help/remarks appreciated!