You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by gerard uolaquetalestem <vi...@mixmail.com> on 2003/02/25 01:16:33 UTC

[users@httpd] apache directories protect

Hello, i'm trying to protect some directories from people trying 
to acces them directly.
What i want is only the web page can access.

I made something with setenvif anv the variable referer, but i 
got some problemes with this 'referer' so i tryed another 
alternatives.
In my virtual host i put the setEnv newVar and after i put the 
directories denny from all and allow from env=newVar.

But it doesn't worked.

I tryed allow from domain.com, and neither works.

Is there any standard mechanism for that?

Thanks!

-----
Tu cuenta de correo gratuita Mixmail http://mixmail.ya.com
Ya.com ADSL, Router U.S. Robotics �Gratis! http://acceso.ya.com/adsl

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] apache directories protect

Posted by Joshua Slive <jo...@slive.ca>.

On Tue, 25 Feb 2003, gerard uolaquetalestem  wrote:

>
> Hello, i'm trying to protect some directories from people trying
> to acces them directly.
> What i want is only the web page can access.
>
> I made something with setenvif anv the variable referer, but i
> got some problemes with this 'referer' so i tryed another
> alternatives.
> In my virtual host i put the setEnv newVar and after i put the
> directories denny from all and allow from env=3DnewVar.
>
> But it doesn't worked.
>
> I tryed allow from domain.com, and neither works.
>
> Is there any standard mechanism for that?

You haven't explained exactly what you want.  A guess: you want to prevent
people from directly downloading images that you are using inline on
webpages.  If that is right, then indeed the referer method is the best
method.  If that is not right, please explain more clearly what you want.

As far as using env variables, that will not work because env variables
are not passed from one request to the next.  Each http request if viewed
completely independently by apache.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org