St***********@g mail.com wrote:
I would like to make my downloads section unbrowsable (to users)
but accessible to scripts.
There are two ways to implement this:
1. Place the downloads directory outside the document root.
Not all hosts allow this, but those that do typically have
an initial setup like this:
\ [Root directory]
\public_html
When a client requests, say,
www.yoursite.com/index.php,
the index.php is served from the public_html directory.
The root directory remains inaccessible via HTTP. So
what you can do is to place your downloads directory
outside \public_html:
\ [Root directory]
\public_html
\downloads
Then your download script could do something like this:
header('Content-Type: application/zip');
readfile('/downloads/somefile.zip');
2. Protect the downloads directory by using an .htaccess file.
Your downloads directory can be located inside the
document root, but you can disable HTTP access to it
by putting an .htaccess file in that directory containing
the following directives:
Order allow,deny
Deny from all
Then your download script could do something like this:
header('Content-Type: application/zip');
readfile('downl oads/somefile.zip');
Cheers,
NC