Prevent users from accessing mp3s in my uploads folder?

1 Views

I have mp3 players set up to play mp3s on my site. The mp3s are all being uploaded to the uploads folder. I don’t want people accessing these directly, meaning I don’t want people to be able to download the mp3s. Is there a way to somehow restrict access to all files ending in .mp3 in the uploads folder while still having them playable in the mp3 players on the site?

Post Views: 1

Related posts

Leave a Reply

2 comments

  1. There is a simple approach to hold download access on your file.

    1. Using .htaccess:

    Upload a .htaccess file into your wp-content folder. Have a look if one exists already, then append this code to the end of the file. If you don’t have one, just create a new blank file and add this code to it:

    RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www.)?yourwebsite.com/ [NC]
RewriteCond %{REQUEST_URI} !hotlink.(mp3|mp4|mov) [NC]
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteRule .*.(mp3|mp4|mov)$ http://yourwebsite.com/ [NC]

    This rather strange sounding code is neither Linux nor PHP nor MySQL – it’s Apache (that’s the service which usually takes care of serving up those websites from a server). These are instructions that will tell Apache to do the following – I’ll explain this line by line.

    Here are some instructions I’d like you to use in this directory:

    1. IF someone comes from anywhere other than yourwebsite.com
    2. AND they ask for a direct file that ends with any of the following (mp3, mp4, mov, etc)
    3. AND they are not logged into WordPress on this domain
    4. THEN direct every link to such files to http://yourwebsite.com

    If these conditions are not met, then give out the file – everyone’s happy.

    2. Using Hide Real Download Path plugin:

    This plugin helps you to hide real/direct path of files hosted on your server for download and make your files secure from unauthorized download. It also maintains a log of all downloads done using it and provide capability to disallow direct linking (hot linking) to your files from
    other website.

    With this you can:

    1. Allow or restrict hotlink (direct download) of your files from other website/external links.
    2. Restrict ‘download only’ from link on your website
    3. View log of individual download

    It support multiple files extensions including:

    zip / pdf / doc / xls / ppt / exe / gif / png / jpg / jpeg / mp3 / wav
    / mpeg / mpg / mpe / mov / avi / xlsx

    I hope this help you better. Let me know if there is any query regarding this.

  2. You could do this one of two ways.

    1) Simple way. Create a new file in your mp3 directory called index.php, and add this code to it

    <?php
    // Display no content
?>

    What this is doing is when a user goes to browse your directory, the web server will serve them the index.php file. Since there is no code in it, the user will be served a blank webpage as a result.

    2) Do this through .htaccess
    In your website’s root directory should be a .htaccess file. Open this up and add something like 

    Redirect 403 /mp3/ http://mysite.com

    The Redirect will automatically redirect anyone who tries to access the /mp3/ folder and send them to your main website of mysite.com. The 403 tells the browser that the request is Forbidden.