1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Apache Server Web directories access restrictions

Discussion in 'Apache' started by imneckro, Jul 29, 2018.

0
  1. #1
    Hello everyone.

    I have set up an apache server, hosting a website.

    For example In my website you can play with an online javascript atari roms. Whenever you load a rom in the website, the javascript temporarily downloads it to your browsers cache.

    If you for example write website.com/roms/atari.zip you can download this rom. I do not want this.

    Is there a way to forbid direct access to this file but also whitelisting access from within the javascript requests?

    Many thank you in advance.
     
    imneckro, Jul 29, 2018 IP
  2. hostechsupport

    hostechsupport Well-Known Member

    Messages:
    413
    Likes Received:
    23
    Best Answers:
    7
    Trophy Points:
    138
    #2
    A rule can be added in htaccess file for this.
    For example, the following code will block access to files ending in .ini, .log, .sh and .zip
    <FilesMatch "\.(ini|log|sh|zip)$">
    Order Allow,Deny
    Deny from all
    </FilesMatch>
     
    Last edited: Jul 30, 2018
    hostechsupport, Jul 30, 2018 IP
  3. RoseHosting

    RoseHosting Well-Known Member

    Messages:
    230
    Likes Received:
    11
    Best Answers:
    11
    Trophy Points:
    138
    #3
    The following .htaccess rules should help you:

    RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?website.com [NC]
RewriteRule \.(zip)$ - [NC,F,L]
    Code (markup):
    Rules are checking the referrer, and if the referrer is not from 'website.com' it can't list nor download zip files.
     
    RoseHosting, Jul 30, 2018 IP