I need to protect files from being 'hotlinked' or downloaded by browser a secure folder.
- - -
UPDATE: CmsFu » Functions "protect-file" and "protect-folder" now help with this.
- - -
Old post below:
~ ~ ~
I have tried putting .htaccess file as in http://docs.couchcms.com/concepts/cloak ... s-of-files But it didn't work. Directory listing was disabled, but if you happen to know the link to file, it was downloaded without problems.
Tested all solutions found on web with htaccess. Nothing prevented browser from downloading zip archive from uploads/file/secure.
The only method that worked has been found though:
Through cpanel of hosting, I made a folder protected. I didn't set password, as I remember, just indicated folder as protected.
The file htaccess was automatically created in secure folder with the following content:
Cloak_url passes by this restrictions and successfully serves file. This is most important.
Browser can not download nuthin
This is a solved now.
- - -
UPDATE: CmsFu » Functions "protect-file" and "protect-folder" now help with this.
- - -
Old post below:
~ ~ ~
I have tried putting .htaccess file as in http://docs.couchcms.com/concepts/cloak ... s-of-files But it didn't work. Directory listing was disabled, but if you happen to know the link to file, it was downloaded without problems.
Tested all solutions found on web with htaccess. Nothing prevented browser from downloading zip archive from uploads/file/secure.
The only method that worked has been found though:
Through cpanel of hosting, I made a folder protected. I didn't set password, as I remember, just indicated folder as protected.
The file htaccess was automatically created in secure folder with the following content:
AuthType Basic
AuthName "/www/website.com/_uploads/file/secure/"
AuthUserFile /var/www/path-outside-of-root/etc/47056829.passwd
<Limit GET POST>
require valid-user
</Limit>
Cloak_url passes by this restrictions and successfully serves file. This is most important.
Browser can not download nuthin
This is a solved now.