Jump to content

.htaccess Rewrite Or Redirect Help


Recommended Posts

Hello,

 

I've struggled with this for a few hours and I'm stumped.

 

I need to find a way to either rewrite a url or redirect in the following situation:

 

I've setup a file download system that uses urls like so:

 

>www.****/download/regfiles/index.php?action=downloads&id=1&download=uploads/files/filename.exe

 

However, if a user enters:

 

>www.****/download/regfiles/uploads/files/filename.exe

 

They can access the file without using the download system. All users must authenticate to get this far, so that's not the problem. My issue is that the download system logs all downloads and I want to enforce this so I can determine if a user abuses their download rights by giving away their login/password. I want to redirect them to the download system's "index.php" whenever they attempt to do this.

 

I've tried variations of this:

 

>Options +FollowSymlinks
RewriteEngine on
RewriteRule (.*)/regfiles/uploads/files/(.*)\.exe index.php [nc]

 

with no luck whatsoever :)

 

I'm either regex-stupid, or this isn't possible...

 

Help!

 

Thanks,

Dan

Link to post
Share on other sites

Hello click, thanks for replying...

 

No, there aren't any other .htaccess files with Rewrite/redirect rules. All other .htaccess files simply disable indexing.

 

I experimented some more and discovered that I could get very close, but then the file download system would loop back to the index.php file as well. Apparently, the URL to actually download a file is the same once the PHP script serves it up. So, it doesn't look like this is possible and I'll have to monitor the awstats logs to see if there are abuses that way instead.

 

Someone else recommended moving the location of the files to be downloaded to another folder out of the tree that is unreadable and then have another script authenticate and serve up the files as needed. Unfortunately, I only understood about half of what he recommended...

 

I don't know how to create a script that can self-authenticate...

 

Regards,

Dan

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...