SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Enthusiast
    Join Date
    Jun 2007
    Posts
    45
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    hi, autside www folder content, secure ?

    Hi, I am building a small application that is meant to keep some video and audio files in a secure space, ( after log in and right credentials it can be access ).

    I see over the net that some systems, much larger then this app. are hiding the actual name of the files so you can writh http://site.com/dir../dir../name.ext

    I have all this files out side the www director. This is not enough ?

    I am using
    Code PHP:
    @readfile($file);
    in conjuction with the right header.

    Cheers !

  2. #2
    play of mind Ernie1's Avatar
    Join Date
    Sep 2005
    Posts
    1,252
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes
    my mobile portal
    ghiris.ro

  3. #3
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Don't worry. Other sites use the same as you, however they use .htaccess to look for urls like
    http://site.com/dir1/dir2/name.ext

    and secretly run it as if it were
    http://site.com/getfile.php?somevar=dir2&file=name.ext

    So if it's in /dir1/, it uses dir2 as a variable, probably to distinguish between categories, users or whatever.
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  4. #4
    SitePoint Member
    Join Date
    Aug 2007
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    For security yo can have 2 options:
    1. Put the file in folder outside of www folder
    2. Put the file in one folder in www folder then make .htaccess mod rewrite so user cannot access directly

  5. #5
    SitePoint Enthusiast
    Join Date
    Jun 2007
    Posts
    45
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks guys !!!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •