Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

.htaccess allow from only local files?

Macman1993

Macman1993

macrumors 6502
Original poster
Nov 23, 2007
337
16
Ok so I preface this with the statement that I have never written a .htaccess files in my life but I think writing one to do what I need is very simple if you aren't stupid like me ;)

So I have a script that I'm looking to sell so I obviously need to give a page where the script is active so a buyer can see what they're getting. Obviously I don't want them being able to just type the scripts address and view the contents as that totally defeats the sale as they could then just steal it. I know that the .htaccess file can block public viewing of a file and only allow other files located on my server to use it, but as I said before I have no idea what I'm doing with a .htaccess file. Would anyone here be willing to write this for me, I'm pretty sure it would only be a few lines and I would do it but I really just have no idea what I'm doing. I would really appreciate the help, thanks in advance.
 
There's two ways to go.
  1. Store the file in a folder that is already unreachable from the public view. Generally a web host gives you a folder that you have access to and inside that folder there's a html_public, or domain.com folder where your web site files go. You can also have additional folders that are at the same level as that folder that cannot be accessed publicly. Store sensitive files there and you can have a script that pulls them out as needed for a download.
  2. The .htaccess method.
Code: 
<Files protected.file>
  order deny,allow
  deny from all
</Files>
 
Ok I tried the .htaccess method and the .html file on my server isn't able to access the script so the entire thing doesn't work. I looked into your other idea of putting the script into a folder that people cant access, my host gives me a public_html folder for all my web files and I'm not sure how to access files that aren't inside the public_html folder. This is the file structure

root/public_html/html-file-that-I-want-to-use-the-script

root/script.js

so from inside the public_html folder I don't know how to go back from there and get a file, I cant say mydomain.com/script.js because then it just looks for a file called script.js that is inside the public_html folder. So what I need is some way to access that file thats away from public view or something for the .htaccess file that only allows files on my server to view the script but not outsiders.
 
Right, you can't deliver it directly because it's protected now. You need to use a server-side language to fetch it for you, like with PHP.

PHP: 
// Script destination
$scriptfile = $_SERVER['DOCUMENT_ROOT'] .'/../protected_folder/script.js';
// Outputs file
readfile($scriptfile);
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back