I am using Laravel 5.3, apache and php 5.6, I need to deny direct access to files via url, but i need to download those files after the user Logged in via url or general php request to download a file, i ain't using Auth, i am using my own procedure for logging in. First is it possible to do so?
I have kept my files in
project/public/uploads/{clientid}/sample.txt
I know its a bad practice to store files in public folder instead of storing it in storage folder, but the project was developed initially in such a way and we need to overcome the direct access to files, is there anyway to do it, i have tried some by editing my .htaccess inside the public folder,
<IfModule mod_rewrite.c>
RewriteEngine on
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
<Files /../index.php>
Order Allow,Deny
Allow from all
</Files>
<FilesMatch ".*\.(css|js)$">
Order Allow,Deny
Allow from all
</FilesMatch>
</IfModule>
Anyhow this only allow css and js files inside public folder, but deny all other files that is kept inside the public folder via url and php general post download.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire