Apache Lounge


About Forum Index Downloads Search Register Log in  RSS Apache Lounge  

Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.



A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.

Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Restriction on file

Joined: 04 Mar 2020
Posts: 1
Location: Rome

PostPosted: Thu 05 Mar '20 0:24    Post subject: Restriction on file Reply with quote

Hello I have a problem that I'd like to resolve. I have a web site. One of the services offered in this website there is mini-cloud. In the cloud the users signin can uploads every type of files such as images. Every user has own directory where can upload and see the files. But if someone has the complete path of the url where is saved a file, he can see the file without signin to personal area. For example if a file is stored in /var/www/html/userDir/file.exstesion if a user know the path http://website.com/userDir/file.exstesion. I want improve the security of the website. I'd like add a restriction on the files. I wish that only registered users can access to the files on the cloud. Someone can resolve my problem?
I use Debian.
Server version: Apache/2.4.38.
PHP 7.3 and 10.0.28-MariaDB-2+b1.
I use PHP Session for the login.
Back to top
James Blond

Joined: 19 Jan 2006
Posts: 6714
Location: Germany, Next to Hamburg

PostPosted: Mon 09 Mar '20 12:32    Post subject: Reply with quote

If you use mod_rewrite for that and send the requests through a php handler, you can manage the access easily.

Another idea would be to use mod_auth_token
Back to top

Reply to topic   Topic: Restriction on file View previous topic :: View next topic
Post new topic   Forum Index -> Apache