[users@httpd] Restricting page access
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
I'm still working on the problem of delivering those huge PDF files. In
the meantime, I was also asked to prevent those files from being
displayed unless the link to them was clicked on; in other words, I want
to prevent users from being able to display a file by typing the URL
directly into their browser. Normally I'd use basic authentication in
an .htaccess file, but in this setting that is inappropriate. I tried
adapting the solution from the _Apache Cookbook_ that prevents linking
of local images by remote sites, but that didn't seem to do the trick.
Here is the .htaccess file that I created:
<FilesMatch "\.pdf$">
SetEnvNoCase Referer "^http://outsite.edu"; local_referer=1
Order Deny,Allow
Allow from env=local_referer
</FilesMatch>
This doesn't prevent a pdf file from being delivered if the user types
in the URL directly.
--
Richard S. Crawford
Programmer III
UC Davis Extension Distance Education Group (http://unexdlc.ucdavis.edu)
2901 K Street, Suite 200C
Sacramento, CA 95816
(916)327-7793
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]
[Open SSH Users]
[Linux ACPI]
[Linux Kernel]
[Linux Laptop]
[Kernel Newbies]
[Security]
[Netfilter]
[Bugtraq]
[Squid]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Samba]
[Video 4 Linux]
[Device Mapper]
