Apache and disallowing direct access to files
Posted: Thu Jan 06, 2011 4:35 am
Newbie here, trying not to make a howling mess of things...
I'm working on a web version of an old Windows executable program which reads its data from flat files. We're heading for a database system longer term, but in the meantime, flat files it is.
I know how to disallow users from seeing the contents of the flat file directory. But is there a way to prevent them being served these files if they know/guess the names and type them explicitly into the browser? They never need to see them directly - they are read by the CGI executable program called by my php script.
I'm aware I'm in a bit of an "if I were you I wouldn't start from here" situation - all suggestions gratefully received.
Edit: This is Apache 2.2 on Windows.
I'm working on a web version of an old Windows executable program which reads its data from flat files. We're heading for a database system longer term, but in the meantime, flat files it is.
I know how to disallow users from seeing the contents of the flat file directory. But is there a way to prevent them being served these files if they know/guess the names and type them explicitly into the browser? They never need to see them directly - they are read by the CGI executable program called by my php script.
I'm aware I'm in a bit of an "if I were you I wouldn't start from here" situation - all suggestions gratefully received.
Edit: This is Apache 2.2 on Windows.