7 {{ upvoteCount | shortNum }}
7 {{ upvoteCount | shortNum }}

htaccess redirect when accessing a certain file

by GetWebHost
6 replies
I have the following file structure:
  • /assets
    • media.mov
    • some_file.ext
    • /css
      • style.css
      • some_files.css
What I want is an htaccess which will redirect the user to a certain page (i.e. forbidden.php) when they access directly those certain files.

For example, if they access mydomain.com/assets/media.mov, mydomain.com/assets/some_file.ext, mydomain.com/assets/css/style.css, they will be redirected to mydomain.com/forbidden.php

Unfortunately, I am only limited to put the .htaccess file on the /assets folder only and beyond its subfolders. I cannot put they htaccess file in root or somewhere else.
#accessing #file #htaccess #htaccess redirect #redirect
  • Profile picture of the author powerspike
    Ok, this isn't a good idea, because accessing the file directly, is what web browsers to do apply the file to your site, the webserver won't know the difference inbetween a browser accessing the file, or a visitor requesting it directly.

    You can say if the referer is my site then allow the file, but alot of browsers and privacy plugins block that data as well.

    If a file is needed to view a "free/public" part of your website, it's going to need unrestricted access, because if you don't, then the webpages/movies/photos/images won't show anymore.
    {{ DiscussionBoard.errors[817003].message }}
  • Profile picture of the author GetWebHost
    Well, the file extensions above are just examples.

    I have some files which really need to be restricted from direct access. Let's say I have file.zip, what could be the correct htaccess code so that a user accessing it will be redirected?
    {{ DiscussionBoard.errors[818215].message }}
  • Profile picture of the author Aaron Sustar
    What powerspike tried to say is this: Let's say you have a "file.zip" and you actually apply the redirection to "forbidden.php" to it.

    If at some point there will be a certain user, who should be able to download this "file.zip" by clicking some link in his web browser (Mozilla Firefox, Internet Explorer, you name it), then this browser will send a request to your server and that request will get denied!

    So, if at any point any of your users should be able to download this file, you should configure your server this way. If none of your website's visitors will ever need that file, then simply put it somewhere else, not in the "public_html" folder.
    {{ DiscussionBoard.errors[820848].message }}
    • Profile picture of the author GetWebHost
      Well, what I am asking for is only the code, non on "what why", etc. As I have stated, those file extensions I have stated are only examples. I've got the actual file extensions....

      Originally Posted by Aaron Sustar View Post

      If at some point there will be a certain user, who should be able to download this "file.zip" by clicking some link in his web browser (Mozilla Firefox, Internet Explorer, you name it), then this browser will send a request to your server and that request will get denied!
      Because that's what I'm actually trying to do.

      Originally Posted by Aaron Sustar View Post

      If none of your website's visitors will ever need that file, then simply put it somewhere else, not in the "public_html" folder.
      You may have missed my note that I can only put the .htaccess on the /assets folder, not even on the public_html.
      {{ DiscussionBoard.errors[822528].message }}
      • Profile picture of the author Aaron Sustar
        Nope, I haven't missed that. If you put any file in a folder that is not a part of the public_html, it will be completely inaccessible via web browsers - and you said this is what you wanted to achieve.

        You can create another folder at the same level as public_html, like this:
        _private_stuff
        ...your stuff goes here
        public_html
        ...images
        ...css
        ...website code etc.
        {{ DiscussionBoard.errors[823365].message }}
        • Profile picture of the author GetWebHost
          The scenario here is not limited on me, it's applicable on all users who will buy and use my files - that's why I'm stated in the first post that I can only put the htaccess file on a certain folder (/assets)

          So let's say you (CLIENT_1) will buy these files from me, you should put all these files in your /assets folder in your host so that it will work. And if CLIENT_2 will also buy these files, he must also put it on /assets folder on his host.

          You can think on this as it is not me who will use these files but my users. And this htaccess file is one way of protecting these files to unprivilege users.
          {{ DiscussionBoard.errors[823865].message }}

Trending Topics