|
Posted by J.O. Aho on 09/29/52 11:32
Freebird wrote:
> Any suggestions ?
You can limit access to a directory based on the ip that tries to access.
<Location /download-specialfiles>
Order deny,allow
Deny from all
Allow from 192.168.0.1 10.0.20
</Location>
If users has to access the file via different sites, you can fpassthru(), that
way it will be the servers IP that is checked against the the rules and not
the users IP.
http://www.php.net/manual/en/function.fpassthru.php
By the way, HTTP_REFERER can be spoofed too, so it hadn't been a safe way anyhow.
//Aho
PS. Your Microsoft agent is a bit screwed up, marking what you type as the
text you are replying to.
[Back to original message]
|