httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <>
Subject Re: [users@httpd] Hide the URL when Downloading a File
Date Sun, 27 Oct 2002 01:36:54 GMT wrote:

> Hi Joshua,
> Even if you hide the file in a area that is not accessible by WWW, the 
> file
> can be easily accessed by using the PHP file. People will just copy 
> the PHP
> file URL, and access the file like that. They don't need to know the exact
> location to get the file. They will just use the PHP file to get the PDF.

No.  Mary says that she has access control in the PHP.  What I showed 
was a way to use the PHP access control to protect the pdf file, which 
is exactly what she asked for.

> One of the way to fix this problem, is to use mod_rewrite and HTTP_REFERER
> var.

That is very easy for the client to get around simply by faking the Referer.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message