I want to block the video folder,so if someone would use the direct link of the video path in the DB, they would get the error.
But I want to display that video on my webpage.
So I denied the access of that folder in htaccess file as follows:
RewriteEngine On
RewriteRule (^|/)videos(/|$) - [F]
But the videoplayer is just blank.(because of the 403 error)
Is this the right way? Can I allow my own page to access it? Or I should do it some other way?
I think the best solution for displaying videos but lock it out from the public would be to use a CDN (Content Delivery Network) like Cloudflare to deliver and stream your videos and disallow the public to view all your videos in a folder.
Here is more information on Cloudflare's Video Hosting solution.
https://www.cloudflare.com/products/cloudflare-stream/
I hope that helps answer your question.
Cheers!
Found soulution, create new htaccess file and add it to your media folder. Allows access only from your site. Blocks direct request from elsewhere.
Put this into the file:
RewriteEngine On
RewriteCond %{REQUEST_URI} .(mov|png|mp4)$ [NC]
RewriteCond %{HTTP_REFERER} !^https://yoursite.com/.*$ [NC]
RewriteRule ^.* - [F,L]
Related
I have a simple PHP website , I want to know if there is any way to avoid users Access to the files on my website ?
like css files and other things ?
To prevent my files to show in folder and directories, I used htaccess file and put this code inside htaccess :
Options -Indexes
but some users can still access the files content like css codes.
for example if an user visit this url :
www.mysite.com/folder
this message should show to him :
Forbidden
You don't have permission to access /css/ on this server.
but if users visit this url :
www.mysite.com/folder/file.css
Then the css will appear to him ...
I want to know how can i prevent this problem ?
And avoid restrict files to users ?
You need to allow access to some static files like .css, .js, .jpg, etc... to the correct visualization of your web.
If you want to avoid hotlinking you should create an .htaccess with this content:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain2.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ http://hpmouse.googlepages.com/hotlink.gif [NC,R,L]
Source
i have lot of xml files on my server i need to block direct access of xml file like if someone copy xml url and need to redirect somewhere but i need to access that xml through kodi app. i got success to direct access of xml but that blocking kodi access also. please check below code is my htaccess which blocks direct access.
ErrorDocument 403 http://newdomainexample.com/
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example.com [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example.com.*$ [NC]
RewriteRule \.(xml)$ - [F]
above htaccess also blocking htaccess from kodi. i need kodi can access url but people cant access directly.
any solution please
I'm slowly starting to learn how to use HTACCESS and the code below doesn't work for some reason the options part itself works.
Options +FollowSymlinks
RewriteEngine on
Options ALL -Indexes
So I'm already restricting users from accessing directories but is there any way to restrict them from accessing all files in certain folders directly?
Right now people are restricted from folders /php/ /css/ etc but if they type /css/style.css they will access that file
Options -Indexes is not used to restrict access per say. It's to prevent listing files in your directory so that they can't access or see all your files in the folder. So if there is no index file it will give a forbidden error.
You need to explicity block access and use other directives. You can use <file> with order, Rewriterule etc.
An example of blocking file types in a directory would be like this.
For instance I have an images directory and want to block jpeg, jpg, png and gifs
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/images [NC]
RewriteCond %{REQUEST_URI} \.(jpe?g|png|gif)$ [NC]
RewriteRule .* - [F,L]
Side note, blocking CSS is prevent irrelevant anyway because the browser has to load it to view the page properly. There's no point to do so because you can inspect any element to see the styles on all modern browsers.
I'm hosting my files on my server and I want to keep these files from being download by leechers. Also the format link of mine is something similar to: domain.com/download/Name.rar where people can easily guess the name of the file and try downloading by entering links in the browser address bar. I don't want these 2 things to happen and think of using .htaccess to block all no referrer downloads. I've tried some method I can find online:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/.*$ [NC]
RewriteRule \.(rar)$ - [F]
But it didn't work at all, I was still able to download files from address bar. Did I do something wrong? Assuming the folder I store my files is /download/store, where do I have to put the .htaccess file? Can anyone give me a full guide on this issue?
You want to deny blank referers. Your condition denies referers that are not blank and does not equal your domain. So you need to get rid of this line:
RewriteCond %{HTTP_REFERER} !^$
I have some video files few of which are not public. I want to access them through video player but I also need to prevent the direct download from the address bar. Also if a user pays for it they can download.
I tried in .htaccess file but still not solved.
I tried the following:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^(https?://)?yoursite.com
RewriteRule ^/?video_files - [L,F]