BIG security problem downloading files....

Mel
On my web site you will have to log in to see downloads etc.
However, once the user logs in, the file URL is exposed and the end user can
bookmark the downloadable file and pass it on to others.

Is there a way to avoid this?

Thanks
Jul 20 '05 #1
Mel wrote:
> On my web site you will have to log in to see downloads etc.
> However, once the user logs in, the file URL is exposed and the end user can
> bookmark the downloadable file and pass it on to others.
>
> Is there a way to avoid this?

Yes.

Do you run your own server?
What server is it?

On my church site [1] I have a load of member-only pages. I use PHP
authentication [2], with each protected page checking the authentication
and backing out if not authorized. This means I don't need to set
cookies on the users' machines.

Documents are done with a PHP script that checks authorization: if OK,
it sends the appropriate headers then reads the document contents from a
separate directory that isn't part of the website directory structure.

[1] http://billericaybaptist.net/
[2] http://www.php.net/manual/en/features.http-auth.php

--
Mark.
Jul 20 '05 #2
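
The kind of download script Mark describes, as an added example (not his code and not part of the original thread). The directory path, the `file` query parameter, `check_credentials()` and the single constructed account are assumptions made for illustration.

```php
<?php
// download.php?file=<name> -- added example of a gated download script.
// Serve over HTTPS: Basic credentials accompany every request.

// Assumed location, outside the web server's document root.
const DOWNLOAD_DIR = '/var/private/downloads';

// Hypothetical account check. The single account is constructed for the
// example; a real site would load stored password_hash() values instead.
function check_credentials(string $user, string $pass): bool
{
    $users = ['member' => password_hash('constructed-example-only', PASSWORD_DEFAULT)];
    return isset($users[$user]) && password_verify($pass, $users[$user]);
}

// 1. Check authorization on every request and back out if it fails.
$user = $_SERVER['PHP_AUTH_USER'] ?? '';
$pass = $_SERVER['PHP_AUTH_PW'] ?? '';
if (!check_credentials($user, $pass)) {
    header('WWW-Authenticate: Basic realm="Members"');
    http_response_code(401);
    exit('Authorization required');
}

// 2. Accept only plain file names, then confirm the resolved path is still
//    inside the download directory (rejects "..", symlinks pointing out).
$name = (string) ($_GET['file'] ?? '');
$base = realpath(DOWNLOAD_DIR);
$path = preg_match('/^[A-Za-z0-9._-]+$/', $name) ? realpath("$base/$name") : false;
if ($base === false || $path === false
    || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0 || !is_file($path)) {
    http_response_code(404);
    exit('Not found');
}

// 3. Send the headers, then the document contents.
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $name . '"');
header('Content-Length: ' . filesize($path));
header('X-Content-Type-Options: nosniff');
header('Cache-Control: private, no-store');
readfile($path);
```

Because the files have no URL of their own, a bookmarked or forwarded link points at this script and is answered with 401 unless the requester authenticates.
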
Mel wrote in
<c8**********@s0b1a68.ssa.gov>
> On my web site you will have to log in to see downloads etc.
> However, once the user logs in, the file URL is exposed and the end
> user can bookmark the downloadable file and pass it on to others.
>
> Is there a way to avoid this?


.htaccess password protection will stop access to the files by anyone who
isn't authorised - whether they know the URL or not.

--
PeterMcC
If you feel that any of the above is incorrect,
inappropriate or offensive in any way,
please ignore it and accept my apologies.

Jul 20 '05 #3
