开发者

How to restrict viewing files within a directory

I have a directory that contains many sensitive pdf documents. If someone k开发者_StackOverflow社区new the filename, they could simply bypass my login system and view the file just as if it were an image.

If I moved the directory out of the document root how would I show it to the user once they were logged in? I'd need to pull the requested file back into the document root but not sure how to do this.

If there are any other suggestions aside from removing the directory from the root, I'm open to that as well. Thanks.


Serve file through PHP so you will always know who/when/what will download.


Add in .htacces file following line:

RewriteRule ^(dir_name_1|dir_name_2)/? /error/404 [L]
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜