Hi every one!
I am trying to develop a dynamic website as a part of my study. I have organized some contents in different folders especially some confidential images. But when I type the full path of the file it appears in the browser. But I what I want is only the administrator of the website can download to his computer and view not directly on the browser.
Dose password protecting a folder solve this problem?
I hope this forum will solve my problem
Thank you all in advance.
0
Preventing image files from loading
Started by dahal0514, Jun 04 2010 07:09 AM
1 reply to this topic
#2
-
- Administrators
-
- 125 posts
Administrator
Posted 04 June 2010 - 01:30 PM
Hi there,
Welcome to PHPTalk!
The easiest way of limiting access to a directory would indeed be to password protect it.
Assuming you are on an apache webserver, this can be done using a .htaccess file in the directory you would like to protect.
Example .htaccess:
This will tell apache to require a valid user login before allowing access to the directory.
You will also have to create the .htpasswd file, and add at least one user to it. This will basically function as an access list or user database.
The easiest way to create this is if you have SSH access to a linux server. Go to the home directory and run the following command:
This will ask you to enter a password and confirm it. It then creates the .htpasswd file with a username and hashed password combination inside. It will look something like this:
If you would like to add additional users to the file, you can do this using the same command without the -c option.
Once you have added your user(s), move the file to the location specified in your .htaccess "AuthUserFile" option - and you should be good to go.
Please let me know if there's any parts you would like me to explain better. If you do not have access to do it yourself, I can also create the user:password combination for you. In that case I will need you to send me a Private Message with the user and password you would like to use.
(There's also more fancy ways of doing access control using PHP, however this would be a lot more complicated.)
Welcome to PHPTalk!
The easiest way of limiting access to a directory would indeed be to password protect it.
Assuming you are on an apache webserver, this can be done using a .htaccess file in the directory you would like to protect.
Example .htaccess:
AuthName "Secure folder" AuthType Basic AuthUserFile /path/to/directory/.htpasswd require valid-user
This will tell apache to require a valid user login before allowing access to the directory.
You will also have to create the .htpasswd file, and add at least one user to it. This will basically function as an access list or user database.
The easiest way to create this is if you have SSH access to a linux server. Go to the home directory and run the following command:
htpasswd -c .htpasswd yourUserNameHere(Replace "yourUserNameHere" with the desired username.)
This will ask you to enter a password and confirm it. It then creates the .htpasswd file with a username and hashed password combination inside. It will look something like this:
testuser:VXrg0abgPvujY(username:passwordhash)
If you would like to add additional users to the file, you can do this using the same command without the -c option.
Once you have added your user(s), move the file to the location specified in your .htaccess "AuthUserFile" option - and you should be good to go.
Please let me know if there's any parts you would like me to explain better. If you do not have access to do it yourself, I can also create the user:password combination for you. In that case I will need you to send me a Private Message with the user and password you would like to use.
(There's also more fancy ways of doing access control using PHP, however this would be a lot more complicated.)
Hi there! If you found this post useful, or used this information to help others, we would greatly appreciate a link back to our forum from your website/blog. Thanks! =)
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
