Restrict Access to a sub driectory

  • erickruk

    (@erickruk)


    11 years, 1 month ago

    I am trying to restrict access to a a sub directory and its files I made in my uploads folder. URL /wordpress/wp-content/uploads/protected/

    I want to stop people from putting in a direct URL and getting specific files.
    IE:URL /wordpress/wp-content/uploads/protected/file-nane.pdf

    Not all files will be PDFs.

    I tried adding a .htaccess file to the directory with this in it:

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?URL\.com/ [NC]
    RewriteCond %{REQUEST_URI} !hotlink\.(gif|png|jpg|doc|xls|pdf|html|htm|xlsx|docx|mp4|mov) [NC]
    RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
    RewriteRule .*\.(gif|png|jpg|doc|xls|pdf|html|htm|xlsx|docx|mp4|mov)$ http://URL/ [NC]

    You can’t get to the main directory, but you can still link directly to the files. I only want logged in users to be able to access the files.

    Thoughts?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter erickruk

    (@erickruk)

    11 years ago

    So, it took a bit of work, but I got the htaccess to redirect when trying to access the directory.

    Does anyone know of to see of the cookie for protected pages has been set?

    Thread Starter erickruk

    (@erickruk)

    11 years ago

    This is what I currently have in my htaccess file

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?wisconservation\.org/ [NC]
    RewriteCond %{REQUEST_URI} !hotlink\.(gif|png|jpg|doc|xls|pdf|html|htm|xlsx|docx|mp4|mov) [NC]
    RewriteCond %{HTTP_COOKIE} !^.*(comment_author_|wordpress|wp-postpass_).*$
    RewriteCond %{REQUEST_FILENAME} ^.*(mp3|m4a|jpeg|jpg|gif|png|bmp|pdf|doc|docx|ppt|pptx|)$
    RewriteRule .*\.(gif|png|jpg|doc|xls|pdf|html|htm|xlsx|docx|mp4|mov)$ http://www.wisconservation.org/boardportal [R=301,L]

    It is the cookie line I am trying to figure out. I know the cookie being made is wp-postpass_ but there are wildcard characters attached to it.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Restrict Access to a sub driectory’ is closed to new replies.