1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Pls help, need to secure a directory

Discussion in 'Apache' started by webhuge, Jul 3, 2007.

  1. #1
    hi all,
    i have a directory that contain images , and i would like to secure it.
    this directory can contain *.php files but i would like that these pages can't been executed, exemple :

    www.mywebsite.com/images/image.gif (this image can be seen by people)
    www.mywebsite.com/images/page.php (this page exist but it must not be executed ).

    hope i've been clear , and i would like that you help me to do that, i think it's doable with htacces file that i will make it in the image directory, but i don't know what it contain
    thanks to all and sorry for my bad english
    webhuge, Jul 3, 2007 IP
  2. clancey

    clancey Peon

    Likes Received:
    Best Answers:
    Trophy Points:
    Using .htaccess, you could redirect traffic away from those *.php pages using mod rewrite. This works for all users all the time. For instance, if there was a stub page called blank.html containing the word "no", I might put this in the .htaccess:

    There might be a way to just issue a 401 page not found error. I am not sure how to do that. It would be the better solution because it does not hint at the page's existence. In the same vein, if the pages are unnecessary, erase them. If they are being called by some other script, I would move them into a safer location.

    This will not going to work if mod_rewrite is not enabled. You might need to check with your ISP if it does not.
    clancey, Jul 3, 2007 IP
  3. VimF

    VimF Well-Known Member

    Likes Received:
    Best Answers:
    Trophy Points:
    Another way is to chmod all the php files you don't want to be executed to 600 or 400.
    VimF, Jul 3, 2007 IP
  4. eukvps

    eukvps Guest

    Likes Received:
    Best Answers:
    Trophy Points:
    Please add following rules to your .htaccess file which should be placed under /images folder.

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
    RewriteCond %{HTTP_REFERER} !^$
    RewriteRule .*\.(php)$ /images/nohotlink.jpeg [L]

    replace mysite with your actual site name
    nohotlink.jpeg with any image that you have in images directory.

    Hopefully that should solve your problem.

    eukvps, Jul 4, 2007 IP
  5. webhuge

    webhuge Peon

    Likes Received:
    Best Answers:
    Trophy Points:
    oh thanks all verrrrrrrrrrrrrrrrrrrrrrrry much , it works great , great members
    webhuge, Jul 4, 2007 IP