I love to hot link off my server and I do it all the time, but I need to disable it form one folder how do I do this?
Disable script being ran in folder and have it viewed normally so they can like download it. Like download a .php without just seeing the html.
If you can answer either of the questions it will help a ton.
I’m really not all that great with .htaccess files. Most of the time I end up needing to play around with them a bit before I get it right. So instead I thought I’d post a link or two to help.
The following are for image hotlinking:
http://altlab.com/htaccess_tutorial.html
http://underscorebleach.net/jotsheet/2004/11/stop-image-hotlinking-tutorial-htaccess-apache
http://www.trap17.com/index.php/how-stop-image-hot-linking_t27222.html
Sorry but on this one I haven’t really got a clue, and not that much time right now to read through a lot of stuff. I’ll check back here on Monday and if no one’s answered this on, I’ll do a bit of looking around and see if I can find something for you.
Yea still cant figure out he second part
Thanks Ankou.
Okay I think I figured out #2…
If you have access to your httpd.conf file check to see for <Directoy “YOUR PATH”> and make sure that you have AllowOverride All – of course you can check the apache manual and use something other than All, I’m not sure of your setup.
If that’s good then make an .htaccess file and in that put:
AddType text/plain .php
That will allow the browser to display the code in all .php files. If you wanted to add other files to that line as well…
AddType text/plain .php .html
That should work…
“AddType text/plain .php” is strongly dissuadable for security reasons.
I would assume that’s only when you don’t want folks to see your code everywhere, but it is contained to one directory meant for showing code, I don’t see a problem? Is dissuadable a word?
I actually use that htaccess line often, so if you wouldn’t mind explaining the security exploits, I’d appreciate it.
Isn’t to dissuade not the opposite of to recommend, to advise?
Anyhow, any action that makes your code more accesible in any degree, makes your system vulnerable. For instance, it can uncover your approach to smartquoting, your global settings and weak links like the use of eval() functions and others. But probably the biggest risk is forgetfulness - you don’t check your init files (like .htacces) daily, and might tend to put the wrong data in the wrong files.
( I even mask the script language I use on my systems - “Options MultiViews” does a great job for that)
Therefore, “AddType text/plain .php” is strongly dissuadable for security reasons.
Don’t know about that word, the prefix seems to be used correctly, but is suade anything in some dead language? Who knows…
And, the whole purpose of using it is to reveal php contents, these can be used for tutorials and the like. I don’t think he wants to reveal his entire system and let people hack it.
No harm in using it as long as you want the people to see the script, which is its direct purpose.
Oh and Temp, you should try saving and uploading as .phps, some servers have the extension phps to show the code contained within all formatted up (colored and all)
…lol thanks guys that works perfectly.
Good idea harish but this works out just fine… and it works fine for .asp also.
Just a suggestion, The formatting functionality makes me drool. 
I’ve yet to find out what does the PHPS formatting, not that I’ve been looking.
I believe it’s like using the highlight_file() php function, but works based off AddType application/x-httpd-php-source .phps (boy I hope I remembered that correctly).
:: Copyright KIRUPA 2024 //--