I have a subdomain that I am storing zip files on. I want my domain to be the only way those files could be accessed on the net. I want to disallow all other sites from linking to those files. I also want to disable anyone from copying and pasting the link into their browser and being able to access the files. Here is what I have. With the code below I can still copy and paste a direct link into my browser which is something I want to disallow. Options -Indexes Options +FollowSymlinks RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mydomain.com [NC] RewriteRule \.(zip)$ - [NC,F,L] I tried to use the code below: <Files ~ ".*\.zip"> Order deny,allow Deny from all Allow mydomain.com </Files> But when I use the code it does not allow mydomain access when I try to pull the file from mydomain.com/random-article-name-here Any suggestions?
The first lot of code you had is correct except for this line: RewriteCond %{HTTP_REFERER} !^$ Code (markup): This line allows empty referrers. When you cut-and-paste a URL you will send an empty referrer. If you remove that line then no one will be able to cut-and-paste. This will also disallow any browsers that don't send referrer headers or modify the referrer header for privacy reasons but there's not much you can do about that easily. If you did want to allow these sorts of users (and there aren't many of them) you would have to generate a random filename in the PHP of the page that has the zip file link and make a symlink pointing to the real file with that random filename. You would also have to have a periodic cron job that cleaned up any symlinks that were more than an hour or two old. That might be more effort than it's worth.