httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard Crawford <>
Subject [users@httpd] Restricting page access
Date Wed, 09 Mar 2005 22:54:54 GMT
I'm still working on the problem of delivering those huge PDF files.  In 
the meantime, I was also asked to prevent those files from being 
displayed unless the link to them was clicked on; in other words, I want 
to prevent users from being able to display a file by typing the URL 
directly into their browser.  Normally I'd use basic authentication in 
an .htaccess file, but in this setting that is inappropriate.  I tried 
adapting the solution from the _Apache Cookbook_ that prevents linking 
of local images by remote sites, but that didn't seem to do the trick.

Here is the .htaccess file that I created:

<FilesMatch "\.pdf$">
SetEnvNoCase Referer "^" local_referer=1
Order Deny,Allow
Allow from env=local_referer

This doesn't prevent a pdf file from being delivered if the user types 
in the URL directly.

Richard S. Crawford
Programmer III
UC Davis Extension Distance Education Group (
2901 K Street, Suite 200C
Sacramento, CA  95816

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message