how to confi htaccess file to deny direct access from all but x.com?

Hello I want to prevent direct access to "dl" folder in dl.x.com/dl. but I want to be able to use curl library to access this folder from x.com. how can I do that? thank you in advance

bobbybouwmann

6 years ago

Level 88

This should put you in the right direction: https://stackoverflow.com/questions/6340203/use-htaccess-to-block-all-domains-to-access-images-folder-except-myown-domain

However, I would highly advise against this. You can easily fake the website you're coming from and still get access to the directory. As long as you know the URL of course :)

A better solution would be protecting the whole directory and using an API to get access to the data. An API can use an access token that can expire, which is more secure.

Please or to participate in this conversation.