Trying to stop people directly accessing some files. Tried with a .mp4 file, worked as expected in Chrome but not in FF. Checked in IE, it works there as well.
Thanks gandalf. I have added the mp4 things inside of your condition ||| … and now the video does not even load inside of my webbrowser. The idea was to make the video load in the webpage created for that reason, and stop people sharing the link.
<FilesMatch "(^#.*#|\.(bak|conf|dist|fla|in[ci]|log|psd|sh|doc|xls|pdf|mp4|ogv|webm|sql|sw[op])|~)$">
# Apache < 2.3
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
Satisfy All
</IfModule>
# Apache ≥ 2.3
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
</FilesMatch>
Excellent suggestion but placing any file outside the webspace means that your web app will have to include a “player” which fetches the file for you.
jC,
My first inclination was to use the UNreliable UserAgent code to determine the browser and redirect (or passthrough) as required. However, the also UNreliable {HTTP_REFERER} would/should be easier to implement as it should require the linking page to be one from your website (be sure to make the www. optional). If you write your code correctly, it should prevent linking to specific (or all) files in the directory. Make your attempt at the code and, if there are any problems, we can help you through it (providing code prevents you from learning).
If you need suggestions (or sample code), look through the examples at http://dk.co.nz/seo.
The following code is forcing www and then should prevent loading a video directing by pasting the url at the address bar. It works is all browser but FF. In FF, it works some times, and some times we can see the video by directly pasting the url at address bar. Strange !
First code block, first RewriteRule (set) - great! It simply enforces the www’d domainname
First code block, second RewriteRule - By default, any RewriteCond is ANDed with prior RewriteCond statements as well as their associated RewriteRule. Therefore, the …com can never match the …com{zero okay but not with one or more characters} so the RewriteRule should only be executed for the domain-only referrer (i.e., never a FAIL for your doc types). Solution, the force-www forces lowercase domain name so the NoCase flags are superfluous (and could destroy a correct reference as PlAyEr.PhP is not likely to serve a valid file). With that, remove BOTH NoCase flags and add the OR flag ( [OR} ) to the FIRST RewriteCond in that set.
Second code block - Ditto the NoCase flag and adding the OR flag to the first RewriteCond statement (which will allow anyone who’s disabled their {HTTP_REFERER} the direct access you’re preventing with the first code block). My whole point is that the NoCase flags are incorrect (they should only apply to {HTTP_HOST}) and being able to activate the RewriteRule with only one RewriteCond being matched (otherwise, they are mutually exclusive, aren’t they?).