What options are there to secure exe files or jpg files etc from being accessible without first authenticating user / pass through a php / database driven user login page?
TIA
TIA
Securing a hosted exe file using php authentication for html pages
- Thread starter DannyBoy
- Start date
Put something similar to the following in your Apache conf:
<Directory "/var/www/localhost/htdocs/mozzano/temp">
Options +Indexes
AuthUserFile /var/www/localhost/htdocs/mozzano/temp/.htpasswd
AuthName "Mitzi's temp file section!"
AuthType Basic
require valid-user
</Directory>
You can then use Apache htpasswd2 to create username/passwords for the directory. If you need more detailed info let me know.
<Directory "/var/www/localhost/htdocs/mozzano/temp">
Options +Indexes
AuthUserFile /var/www/localhost/htdocs/mozzano/temp/.htpasswd
AuthName "Mitzi's temp file section!"
AuthType Basic
require valid-user
</Directory>
You can then use Apache htpasswd2 to create username/passwords for the directory. If you need more detailed info let me know.
I know how to password protect a directory mitz
Im trying to protect files using the php "member area" type script im working on.
Basically if a user logs in through login.php, they can access the file, but if they dont login they get pointed to a page saying they need to login...
I'm a total n00b at PHP, but for perl script you'd do something like
(image link)
<img src="imageserver.pl?image-id=xxxx">
where imageserve.pl does any validation then returns either the image (copying it out of a private folder) or an error.
Note that if authentication is passed along via GET (in the URL) instead of POST or cookies, Google can end up capturing the link with authentication from referrer: headers when the person moves from your page to another page where google has tracking. Or so I've been told, there's apparently a FAQ item at google about "why do my secret pages show up in google search results?"
(image link)
<img src="imageserver.pl?image-id=xxxx">
where imageserve.pl does any validation then returns either the image (copying it out of a private folder) or an error.
Note that if authentication is passed along via GET (in the URL) instead of POST or cookies, Google can end up capturing the link with authentication from referrer: headers when the person moves from your page to another page where google has tracking. Or so I've been told, there's apparently a FAQ item at google about "why do my secret pages show up in google search results?"
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 21K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter