[UPHPU] restricting access to assets on a public server

thebigdog bigdog at venticon.com
Sat Apr 9 16:55:25 MDT 2011


> Restricting access by IP would be a great option if it would be secure
> enough. I wouldn't even have to have the secure files outside of web root. I
> could simply use Apache to restrict access to a certain directory to a
> certain IP. I thought that HTTP_REFERRER wasn't reliable though. Isn't that
> easy to spoof?

Are you asking with regards to php or apache? Check out mod_access and that
should give you some other options that you can use with apache.

-- 
thebigdog


More information about the UPHPU mailing list