I have security issue with Apache and mongrel cluster and Ruby on Rails. My Application is in ruby on rails and deployed using apache and mongrel cluster. I am able to secure the .rhtml files using filters. I have few static html files, which I placed, in one of the sub folders of Public folder. I am giving link from my .rhtml files to static .html file. I want to access the static html only If the user login to my application and browse the static html files. I want to restrict the user access when the user tries to access the static html directly by typing the URL So how can I secure my static html pages in ROR with Mongrel cluster on Windows with Apache Server? Please provide your valuable suggestions. Thanks in advance.