tags:

views:

465

answers:

1
Q: 

.htaccess allow script access within my domain

I am looking for the specific .htaccess command that will allow me to deny http access from everyone BUT my scripts.

I have a script that runs out of the root directory that goes and fetches all of the .jpg's out of a given protected directory with the following .htaccess file

<files *.jpg>
    order allow, deny
    deny from all
</files>

I was thinking something similar to this might work

<files *.jpg>
  order allow, deny
  deny from all
  allow from rootUrl.com
</files>
A: 

Your first example should work, since scripts don't make any HTTP requests.

Edit: Unless, your script for some strange reason makes HTTP requests to its own server, which I really don't think it does. Nor should it.

Edit again: Since your script is outputting img elements pointing to the protected files, you have to let all visitors access the files. There is no work-around. You could however stop hotlinking by using .htaccess like this:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yoursite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ [F]
You  2009-08-08 18:15:55
Well my script goes through and posts a link to the picture and basiclaly displays <img src='path/to/file/picture.jpg'> The script works for all other directories except the protected one...
Derleek  2009-08-08 18:22:03
Well, that's not your script accessing them. It's still the visitor's browser accessing them.
You  2009-08-08 18:34:05

related questions

Is it safe to deny access to .ini file in .htaccess?
.htaccess redirect performance
How can I fix my .htaccess to resolve URLs that don't end in slashes
Find the page that the user intended to see
Configuring wordpress .htaccess to view subfolders
Getting file name of file directed by .htaccess?
Apache htaccess on Win2k is not being processed
How do I stop visitors directly accessing the directories in my website?
What happens first? .htaccess or php code?
Apache/php guru needed! htaccess files, php, includes directories, and windows XAMPP configuration nightmare!
Edit php.ini with .htaccess
Do you have to restart apache to make re-write rules in the .htaccess take effect?
Apache Mod-Rewrite Primers?
Dynamic IP-based blacklisting
.htaccess mod rewrite 301-redirect
How to make a web app appear at the root of the site?
Is it possible to use .htaccess to send six digit number URLs to a script but handle all other invalid URLs as 404s?
How do I use .htaccess to redirect to a URL containing HTTP_HOST?
How to convert Apache .htaccess files into Lighttpd rules?
Wildcard Subdomain Exceptions
Redirecting non-www URL to www
How can I use `scp` to deploy a website's `.htaccess` file?
How do I add a MIME type to .htaccess?
Mod-Rewrite loading files behind the DocumentRoot
.htaccess directives to *not* redirect certain URLs