File protection with htaccess

I spend lot of time here and I'm very pleased with your community and I noticed there are many programmers, so my question is targeted to them.

Overview:

I have on my domain (lets call it loki.com and on this domain I have subfolder games packed as ZIP file. My primary target is to prevent visitors to download those zip files with loki.com/games/some_game.zip but allow them to download from loki.com/download/some_game of course this link is set with mod_rewrite.

So basicly I want block direct access to file in directory but able to download from page on my web.

I alread set .htaccess file in desired folder, but I cannot access file from my web.

Or If you have any other ways to protect file from unauthorized download I'm open for your ideas

Hi Lazarus,

If you don't want anybody to ever download it from your website, then you should store it above the htdocs folder on your host. That way you'll have access via ftp, i.e. if it was just for your personal storage or for referencing via your software.

If you must store it in a folder below htdocs then you could start by making sure visitors can't see a folder listing by creating an index.htm page for the folder. Then you could password protect the folder and/or file using .htpasswd. Plenty of tutorials online for that.

Hope that helps.

Thank you, appreciated That is good path. But there is small issue, my website uses iframe tag to publish my construct2 games and anybody can simply view source of my website, which means everybody can see path to my games. I read about that I cannot with 100% hide path to file in source, but I can make it harder to see it and more protect my work. So my guess is to use .htaccess.

I simplify my question:

How to raise 403 error (You don't have permission to this direcotry/file) when visitor enters in browser

http : // loki.com /path_to_game/game_name/index.html (path displayed in iframe tag) but allow to them play game on http : // loki.com /index.php?section=games&game=game_title