Josh Josh - 5 months ago 31
Apache Configuration Question

How to prevent people from accessing source videos without logining in?

I am trying to make a login that would give you access to some videos, pictures, and other files. I can do this with php and a get request (
) and making sure they have a cookie of some sort, but I am unsure how to prevent someone from just typing in the link of the source files (
). I need away to prevent people from accessing the source files.


  • macOS Sierra 10.12.6

  • Apache


Answer Source

Put the source files in some directory that is not public, or use an HTAccess. Then, use file_get_contents() and echo to spit out the video. It might look something like this:


if($_SESSION["username"]!==null)//whatever auth mechanism
if(file_exists("videos/".  str_replace( [ '\\', '.', '/'], '', $_GET["video"] ). ".mp4"))
header("Content-Type: video/mp4");
readfile("videos/".  str_replace( [ '\\', '.', '/'], '', $_GET["video"] ). ".mp4");

header("HTTP/1.1 404 Not Found");
header("HTTP/1.1 401 Unauthorized");
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download