Hello,

I'm not really sure if this is the best place to ask this question. So sorry for any problems it may cause.

My situation:
I have folder which has very important files that are not allowed to access if I don't give an exact URL to that file for my website users.
I have done this with simple .htaccess

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mywebsite.com [NC]
RewriteRule /* http://www.mywebsite.com [R,L]


Since I'm not expert in these things, I'm wondering what are possible ways for "bad guys" to access contents of that folder? What security bugs do you see here?

Thank you very much!