SitePoint Sponsor

User Tag List

Results 1 to 9 of 9
  1. #1
    SitePoint Guru
    Join Date
    Jan 2010
    Posts
    635
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Accessing Files One Way But Not Directly

    Sitepoint Members,
    Is there a way to use a file for the making of a webpage but even if the address of that file is known the file can not be accessed directly using a browser?

    Thanks,

    Chris

  2. #2
    ¬.¬ shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Eh? What do you mean "for the making of a webpage"?
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  3. #3
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,063
    Mentioned
    153 Post(s)
    Tagged
    2 Thread(s)
    Which language are we talking here? PHP? Something else?
    Rémon - Hosting Advisor

    SitePoint forums will switch to Discourse soon! Make sure you're ready for it!

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  4. #4
    SitePoint Guru
    Join Date
    Jan 2010
    Posts
    635
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Assembling of a webpage, since most web pages are a collage of different parts (files).

    html, php

  5. #5
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,168
    Mentioned
    454 Post(s)
    Tagged
    8 Thread(s)
    Sounds like you want to use "PHP includes". That is, you have content in various files, which are pulled into a page via little bits of PHP. I'm sure you could deny access to those include files to prevent someone navigating directly to them. But you can also just put them somewhere where no one is likely to find them, as you can't see them from the source code itself.

  6. #6
    SitePoint Guru
    Join Date
    Jan 2010
    Posts
    635
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    I though maybe
    <Files .htaccess|example.jpg>
    deny from all
    </Files>

    would work in that pages using example.jpg would show example.jpg and if you went to the file example.jpg directly via a browser then the browser wouldn't bring the file up. But the htaccess code above doesn't stop a visitor from viewing a file directly.

  7. #7
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2006
    Location
    Augusta, Georgia, United States
    Posts
    4,147
    Mentioned
    16 Post(s)
    Tagged
    3 Thread(s)
    The simplest method is to place the files outside of the site root. If the files you are referring to are including server-side that will do. If they are some type of media file with user authentication requirements for access than a script/access point needs to be created to indirectly serve them up.
    The only code I hate more than my own is everyone else's.

  8. #8
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,063
    Mentioned
    153 Post(s)
    Tagged
    2 Thread(s)
    The only way there is to prevent image access directly that I know of (aside from having to log in) is to check the HTTP Referer [sic]. Even though this methods isn't waterproof, most people deem it "good enough".
    The easiest way is to check in your .htaccess file:

    Code:
    RewriteEngine On
    RewriteCond %HTTP_REFERER} !^http://www\.example\.com/ [NC]
    RewriteRule \.jpg$ - [F]
    This will show a 403 forbidden if you access a .jpg directly, but the image will work fine when used on a website on your own domain (here, www.example.com).

    If you want more info you can google for "prevent hotlinking apache"
    Rémon - Hosting Advisor

    SitePoint forums will switch to Discourse soon! Make sure you're ready for it!

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  9. #9
    SitePoint Guru
    Join Date
    Jan 2010
    Posts
    635
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    I'm aware of hotlinking but didn't think of visiting and linking as the same but standing in the shoes of the site being visited/linked to, they're exactly the same. I'll use the code you gave me. I have my css in an includes file because it takes so long for folders top open (on a shared server). The site loads a lot faster this way, but it reveals addresses to the images I use on every page. Someone recreated one of my pages and put it on someone else's site, this should stop them from using the images - along with the other htaccess code Options -Indexes.

    Thanks ScallioXTX,

    Chris


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •