[thelist] File Security
live4bacon at optonline.net
live4bacon at optonline.net
Mon Mar 22 19:24:52 CST 2004
Good day,
I have, say, 3 clients each having their own secure area. In this area the client would be able to upload/download files to/from me.
the files would reside in say
/Protected/Client1/files/
How can I keep someone from downloading files directly from this folder? I have secured the pages themselves with PHP and MYSQL authentication but, correct me if i am wrong. that doesn't stop someone from grabbing the file directly like so:
http://www.mysite.com/Protected/Client1/files/somefile.zip
I understand that said person would need to be quite informed, ....wait, but I would be able to set these files outside the server root! correct? and serve them from there?
Thanks for you help,
JP
More information about the thelist
mailing list