通过使用mod_rewrite检查当前的PHP会话来保护图像不被直接访问
I'm working on a solution to a problem where users could potentially access images (in this case PDF files) stored in a folder off the server root. Normally, my application validates users through PHP scripts and sessions. What isn't happening right now is preventing non-logged in users from potentially accessing the PDFs.
The solution I'm looking for would (I think) need to be tied in with Apache. I saw an interesting solution using RewriteMap & RewriteRule, however the example involved putting this in an .htaccess file in the PDF directory. Can't do that with Apache (error: RewriteMap not allowed here). I believe the rewrite directives need to go in my httpd.conf, which I have access to.
So the example I found (that resulted in 'rewritemap not allowed here') is here: RewriteEngine On RewriteMap auth prg:auth.php RewriteRule (.*) ${auth:$1}
auth.php just checks PHP session and redirects to a login script if needed.
I'm reading that I have to place this in my httpd.conf. How would I specify that the RewriteMap should only occur on a specific directory (including subdirectories)?
我正在研究一个问题的解决方案,用户可能会访问存储的图像(在这种情况下是PDF文件) 在服务器根目录下的文件夹中。 通常,我的应用程序通过PHP脚本和会话验证用户。 现在没有发生的事情是阻止未登录的用户可能访问PDF。 p>
我正在寻找的解决方案(我认为)需要与Apache绑定 。 我看到了一个有趣的解决方案,使用RewriteMap& RewriteRule,但是这个例子涉及将它放在PDF目录中的.htaccess文件中。 使用Apache无法做到这一点(错误:此处不允许使用RewriteMap)。 我相信重写指令需要进入我可以访问的httpd.conf中。 p>
所以我找到的例子(导致'这里不允许重写地图')在这里: RewriteEngine On RewriteMap auth prg:auth.php RewriteRule(。*)$ {auth :$ 1} p>
auth.php只检查PHP会话并根据需要重定向到登录脚本。 p>
我正在读取我必须将它放在我的httpd.conf中。 我如何指定RewriteMap只应出现在特定目录(包括子目录)上? p> div>
1st, be sure that you have to put that directly in httpd.conf. On Debian system, for instance, you have 1 file by virtualhost (a virtualhost usually is a website) So, you have to put your rewriteMap in a "directory" like this:
<Directory /full/path/to/your/pdfs>
RewriteEngine on
...
</Directory>