0

I want to be able to prevent people from accessing a file on a server, such as a document if they were to directly link to it via the URL. This is for security purposes so that documents on the site just can't be stumbled upon and downloaded...

What is the best approach for this?

I've tried using the .htaccess to deny access to docs and txts for examples, but you can still download the files it just prevents you from accessing the directory...which isn't what I want to do.

<Files ~ "\.(doc|txt)$">
  order allow,deny
  deny from all
</Files>
4

4 回答 4

4

将其放在公共空间之外的目录中,并通过需要登录或您喜欢的自定义 PHP 页面提供

echo file_get_contents(/var/www/example.com/file.txt);

我猜应该可以

于 2013-09-05T13:20:58.530 回答
2

最好的办法是一开始就不要将它放在 Web 服务器的文档根目录中。

于 2013-09-05T13:20:51.493 回答
2

试着把它放在你的 .htaccess

<FilesMatch "\.(doc|txt)">
  Order deny,allow
  Deny from all
</FilesMatch>
于 2013-09-05T13:28:22.030 回答
0

您可以在您的 .htaccess 中将对该文件夹中文件的所有请求重定向到一个特殊的 PHP 页面,该页面只允许登录用户下载文件,但拒绝未经授权的用户访问它。

将目标文件本身放在上面的文件夹中也是一个好主意public_html

于 2013-09-05T13:26:03.500 回答