I'm working on a site that allows users to purchase digital content and have implemented a method that attempts to serve secure downloads.

I'm using CodeIgniter to force downloads like this:

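// Load CodeIgniter's download helper, which provides force_download()
$this->load->helper('download');
$file = file_get_contents($path); // reads the whole file into memory
force_download("my_file_name.zip", $file);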

Of course, I make sure the user has access to the file using a database before serving the download, but I was wondering if there was a way to make these files more secure.

I'm using some 8-10 letter keys to create the file paths so URLs to the files aren't exactly easy to figure out... something like http://mysite.com/as67Hgr/asdo0980/uth89.zip in lieu of http://mysite.com/downloads/my_file.zip.

Also, I'm using .htaccess to deny directory browsing like so: Options All -Indexes.

Other than that... I have no idea what steps to take. I've seen articles suggesting username and password methods using .htaccess, but I don't understand how to bypass the password prompt that would occur using that method.

I was hoping there might be a method where I could send a username and password combination using headers and cURL (or something similar), but I wouldn't know where to start.

Any help would be hugely appreciated. Thanks in advance!

+1  A: 

Why not just `Deny from All` in the .htaccess? Or place the files above the webroot? That would be enough. But your current setup is pretty safe already. Why do you think you need any help?

Col. Shrapnel
I have just never served files on a case by case basis before and was wondering if there was any standard practice associated with it.
bschaeffer
+4  A: 

Make it so the web server does not serve the files under any circumstances, otherwise all the checking is pretty moot. The best way to do that is to put them somewhere outside the webroot. I.e.:

/
  webroot/         <- root web directory, maybe named www or similar
    index.php      <- your app, served normally
    …other serve-able files…
  files/           <- not part of the serve-able webroot dir
    secret_file    <- web server has no access here

Then, if the only way to access them is through your script, it's as secure as you make your script.

deceze
I never even thought of that. Works great and, like you said, the files aren't serve-able through direct urls. Thanks a bunch.
bschaeffer
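One way to write the script-side check the answer above relies on, as an added example that is not code from the thread. The directory layout, `user_can_download()`, the file-id format and the sample purchase data are assumptions standing in for the asker's own database check.

```php
<?php
// Added example, not code from the original thread. FILES_DIR, the id format
// and user_can_download() are assumptions; replace them with the real storage
// location and the existing database check.

const FILES_DIR = __DIR__ . '/../files';   // outside the web root (assumed layout)

// Hypothetical stand-in for the database lookup the asker already performs.
function user_can_download(int $userId, string $fileId): bool
{
    $purchases = [42 => ['uth89']];          // constructed sample data
    return in_array($fileId, $purchases[$userId] ?? [], true);
}

// Resolve a stored name to a real path and refuse anything outside FILES_DIR.
function resolve_download(string $storedName): ?string
{
    $base = realpath(FILES_DIR);
    $path = realpath(FILES_DIR . '/' . $storedName);
    if ($base === false || $path === false) {
        return null;                          // missing directory or file
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;                          // "../" or a symlink led outside
    }
    return is_file($path) ? $path : null;
}

function serve_download(int $userId, string $fileId, string $downloadName): void
{
    // The id comes from the request; the on-disk name is built server-side.
    if (!preg_match('/^[A-Za-z0-9]{1,32}$/', $fileId) || !user_can_download($userId, $fileId)) {
        http_response_code(403);
        return;
    }
    $path = resolve_download($fileId . '.zip');
    if ($path === null) {
        http_response_code(404);
        return;
    }
    $safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', $downloadName);
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . $safeName . '"');
    header('Content-Length: ' . filesize($path));
    header('X-Content-Type-Options: nosniff');
    readfile($path);                          // sent without loading into a PHP string
}

// Usage (after login): serve_download($userId, $_GET['id'] ?? '', 'my_file_name.zip');
```

The authorization check runs before any path is resolved, so a user who has not purchased a file gets the same 403 whether or not the file exists.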
A: 

.htaccess should look like this if you want them to only be downloadable from your localhost. Also, it removes some handlers that could try to access any of the files, just in case. So that way only you have access to it. It's also a good idea to store an index.php file in there that checks the existence of another file and, if it exists, sets the header; if not, exits.

.htaccess file:

<Files *>
    Order Deny,Allow
    Deny from all
    Allow from localhost
</Files>

RemoveHandler .php .php3 .phtml .cgi .fcgi .pl .fpl .shtml
SoLoGHoST
Very funny, haha :)
Col. Shrapnel
I think you can omit the line `Allow from localhost`, see http://httpd.apache.org/docs/1.3/mod/mod_access.html#allow
Dor
Use Allow from 127.0.0.1 :)
SoLoGHoST