Restrict browser access to directory files

In my website, i want to restrict viewin开发者_运维问答g certain files which are stored in a directory called "/content" such that only logged in users can view the files

as it stands right now anyone who types in xxxxxxx.com/content/4dc32b1c0a630.png into the browser can see this image file

I've added Options -Indexes to my .htaccess file but that didn't do anything

if it is helpful my site is built using codeigniter, so a PHP solution would be great, though I'd take any advice you might have!

thank you, Tim

You can write a controller for that purpose.

In one of my projects I've done a resized pictures controller only for logged in users. It's based on timthumb script http://code.google.com/p/timthumb/

In controller __contruct(); write user authentification code and that's all!

So you will call these files via controller, like http://www.site.com/images/1314.png

Use mod_rewrite to rewrite any accesses to anything in /content to a PHP script that will auth the user and then provide the file, either directly or via mod_xsendfile.

Put these lines in your root .htacess file to block access to content/4dc32b1c0a630.png for unauthenticated users:

Options +FollowSymlinks -MultiViews
RewriteEngine on

RewriteCond %{LA-U:REMOTE_USER} ^$ 
RewriteRule ^content/4dc32b1c0a630\.png/?$ - [R=403,L]

However I would suggest you use wild cards (if possible) to match blocked files above rather than listing each and every individual file.