We've got some .pdf documents on our website that we'd rather people not view by directly typing the URL into the browser; we want them to get there via a link.
My boss is convinced that we can do this using the same tricks with the .htaccess file that can be used to prevent images from being stolen. I'm not entirely sure about that. Here's the .htaccess file in question. I've kept all my failed attempts and commented them out. Any help would be grand. The first one -- using mod_auth_cookie -- seemed to work (because users shouldn't even be in that directory unless they have logged in) but we needed a broader solution. #AuthName "DLC Resource Only" #AuthType Basic #AuthUserFile /web/config/users.txt #AuthGroupFile /web/config/groups.txt #Require group members #AuthCookieName CFTOKEN #<FilesMatch "\.pdf$"> #SetEnvIf Referer "http://152.79.198.7" local_referrer=1 #Order Allow, Deny #Deny from all #Allow from env=local_referrer #</FilesMatch> #RewriteEngine on #RewriteCond %{HTTP_REFERER} !="" #RewriteCond %{HTTP_REFERER} #!="^http://152.79.198.7/cfmx/DLC/Campus/Courses/wineAnalysis/lesson_10/les_010_002.cfm" #RewriteRule .*\.pdf$ - [F] #SetEnvIf Referer "^http://152.79.198.7" internal #<Limit GET POST> #order deny,allow #deny from all #allow from env=internal #</LIMIT> -- Sláinte, Richard S. Crawford (AIM: Buffalo2K) http://www.mossroot.com http://www.stonegoose.com/catseyeview "We live as though the world were how it should be, to show it what it can be." --"Angel", Season 4 ep. 1 _______________________________________________ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech