...

Deny access for all users through browsers, except PHP application in same domain



Calarium
11-09-2010, 08:28 PM
Hi to all, first time posting here :)

Please, some help over here. I'll try to be as clear as I can.

In summary my problem is:
I have a PHP application installed in a folder of my domain that reads CSV.txt files from
another folder in my domain and I need to restrict direct access to see and download these CSV.txt
files for all users through web browsers, except for the PHP application.

In more detail the scenario is:
- I have mydomain.com working with a CMS normally.
- I created a folder within mydomain.com-->mydomain/myfolder/
- Within this folder I installed a PHP application that runs independently of the CMS
application installed in mydomain.com
- This PHP application installed in mydomain/myfolder/ gets products from CSV files to load into a MySQL DB.
- These products are stored in /public_html/products-to-show/recents/
- The PHP application runs a cron link to refresh the products database.
- The refresh link used by the cron job is the URL of the folder /public_html/products-to-show/recents/, in this case
http://www.mydomain.com/products-to-show/recents/ (and it can be accessed by any user)
- The link used by cron must be a URL because if I use a folder outside public_html (e.g. /public_ftp/products/), I can't
tell the PHP application how to reach that path.


If I restrict privileges on the folder with a user and password, I receive a fopen() error in my
PHP application execution, and with my little knowledge of PHP it is very difficult for me to modify
any file of the PHP application without affecting the normal behaviour of the script.

I've tried putting a .htaccess file within /public_html/products-to-show/recents/ containing the following
lines of code.


/public_html/products-to-show/recents/.htaccess
# Restricting access to users
Order allow,deny
deny from all

This .htaccess effectively restricts direct URL access for all users through web browsers, showing a 403 error (nice!),
but it restricts access for my PHP application too (too bad), when I expected the opposite because it is an access
from the same IP and the same domain where my PHP application resides.

Could someone please help me solve this issue?

Any help would be very appreciated.

Best regards.

djm0219
11-09-2010, 08:42 PM
The link used by cron must be a URL because if I use a folder outside public_html (e.g. /public_ftp/products/), I can't tell the PHP application how to reach that path.

Why can't you? That would be the correct, and secure, way to handle things. It is certainly feasible to handle things in that manner.

Calarium
11-09-2010, 08:57 PM
Hi djm0219,


Why can't you? That would be the correct, and secure, way to handle things. It is certainly feasible to handle things in that manner.

The thing is I am not a PHP programmer. I can try to locate which PHP files control the way the PHP application applies the cron refresh link, but at least these days I'm not able to modify any line of code of any PHP file without causing damage to the normal performance of the script or the PHP application at all.

If somebody knows how to do it, please give some suggestions, your help will be very appreciated.

Best regards,

Calarium
11-10-2010, 07:48 AM
Well, I've come back to answer my own question :D. After searching and searching, I came up with a really easy solution: I only needed
to add one more line of code to the .htaccess file.


# Deny access for all users (all IPs), except the same domain IP
# deny,allow: Deny rules are evaluated first, then a matching Allow overrides them
Order deny,allow
deny from all
allow from xxx.xxx.xxx.xxx
ErrorDocument 403 /403.html

It looks very easy when we know what we have to do. After viewing some .htaccess programming, I got the solution
I was looking for.

Thanks.

Best regards.
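
Added example (not part of the original posts): a small Python model of how Apache 2.2's mod_authz_host combines Order, Allow and Deny, applied to the "deny from all" plus "allow from <server IP>" pair from this thread under both Order settings. The two IP addresses are constructed documentation-range values, and only full IPs, CIDR ranges and "all" are modelled.

```python
import ipaddress


def matches(spec, client):
    """True if an Allow/Deny 'from' value covers the client address."""
    if spec.lower() == "all":
        return True
    # Only full IPs and CIDR ranges are modelled here; hostnames are not.
    return ipaddress.ip_address(client) in ipaddress.ip_network(spec, strict=False)


def evaluate(order, allow, deny, client):
    """Return 'allowed' or 'denied' following Apache 2.2 Order semantics."""
    allowed = any(matches(s, client) for s in allow)
    denied = any(matches(s, client) for s in deny)
    order = order.replace(" ", "").lower()
    if order == "allow,deny":
        # Must match an Allow and must not match any Deny; default is deny.
        ok = allowed and not denied
    elif order == "deny,allow":
        # Rejected only if a Deny matches and no Allow matches; default is allow.
        ok = allowed or not denied
    else:
        raise ValueError("unsupported Order: " + order)
    return "allowed" if ok else "denied"


# Constructed sample addresses (documentation ranges), not from the thread.
SERVER_IP = "203.0.113.10"   # host where the PHP application runs (assumption)
VISITOR_IP = "198.51.100.7"  # any outside browser (assumption)


def compare():
    """Evaluate 'deny from all' + 'allow from SERVER_IP' under both orders."""
    results = {}
    for order in ("allow,deny", "deny,allow"):
        for name, ip in (("server", SERVER_IP), ("visitor", VISITOR_IP)):
            results[(order, name)] = evaluate(order, [SERVER_IP], ["all"], ip)
    return results


if __name__ == "__main__":
    for key, verdict in compare().items():
        print(key, verdict)
```

On shared hosting the allowed address is shared by every site on the same server, so this rule admits requests from those sites as well. Apache 2.4 replaces these directives with Require (for example "Require ip").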


