0

Could access to files like df9dfglh_56_ghf.mp3 in /www/pub/ prevented with an empty index.html file? (but giving access via index.php with login to a database that then links to that file name)?

UPDATE: but I would rather NOT restrict access to the directory, if I want to play the file in my own 'cloud player'... (bit like the youtube category: only people with the link can see the file)

The bottom line: I want minimise server traffic, or copyright problems (if those files became publically accessible)

ajo
  • 1,045
  • 4
  • 15
  • 30

7 Answers7

1

For preventing access from a certain file or even for a certain type of file, you can use the .htaccess, which is an apache configuration file that provide some ways to make configuration changes on a per-directory basis. And then append to it the following line

<Files ~ "\.mp3$">
    Order allow,deny
    Deny from all
</Files>

For your specific case, you can even use it this way:

<Files "df9dfglh_56_ghf.mp3$">
    Order allow,deny
    Deny from all
</Files>

If you wish only that the file is not listed on the index you can use this very same file to do what @Ynhockey said and issue the configuration:

Options -Indexes

I hope it helped. Cheers

Bruno Vieira
  • 3,884
  • 1
  • 23
  • 35
  • but that means i couldn't play it cloud player style? – ajo Oct 29 '12 at 12:32
  • Yes, you could play exactly like cloud player style, you are just preventing the user to access your file like http://yoursite.com/you-music-file.mp3. The access from your php classes is normal – Bruno Vieira Oct 29 '12 at 12:40
0

if you set inside your data folder empty

 index.html

When user browse .. 

http://yoursite/data/

he will see empty page and he wont see your mp3 file...

But if he goes to 

http://yoursite/data/yourmp3name.mp3

he will open your mp3..

Svetoslav
  • 4,686
  • 2
  • 28
  • 43
0

By simply having an index.html or index.php, you would only be disabling directory listing. People will still be able to access any files inside that directory though if they have the direct URL to it.

If you would like to block access to specific files, you will need explicitly restrict access to those files. Here is a good resources to get started with that.

Community
  • 1
  • 1
Aamir
  • 5,324
  • 2
  • 30
  • 47
0

An empty index file can prevent a directory listing from showing, but it does not prevent direct access to files. This can also be done by putting the following line into your .htaccess file:

Options -Indexes
Ynhockey
  • 3,845
  • 5
  • 33
  • 51
0

I think what you are referring to is Apache's directory-listing when there is a directory without an index. Yes, an empty index will hide this listing but no, it will no prevent access to files if the path is known. If this "share link to authorised persons only"-policy is secure enough for you then fair enough. If you want anything more secure you should consider using mod_auth or something similar og limit access by only allowing access to a .php file or something similar that provides access to only the authorised users.

Andreas Hagen
  • 2,335
  • 2
  • 19
  • 34
0

in principle yes it will disable the file listing, but if the user knows the exact path, then he will be able to view/download the given file. an effective way of doing, what i believe you are trying to do , is to put the files in a dir that is not visible by web, and then serve the files via php. then the link will be smth like, domain.com/getfile.php?fileindetification=thefile then in getfile.php you can authenticate the user and then serve him the file, you can do even more, you can make the currentlink, be valid only for a short period of time.

Nikola
  • 546
  • 1
  • 6
  • 18
0

it will be better to keep the file out of the web root folder so that no one outside get access to the file.

Arun Killu
  • 13,581
  • 5
  • 34
  • 61