Ok.. to describe more.... I've got a directory with a lot of files inside it &lifier I'm not going anybody to have the ability to access these files by either obtaining a directory listing or by speculating the file location &lifier typing it in.... it shouldn't permit them to download it.

I accomplished this by putting the below during my .htaccess file:

Options -Indexes

Order Allow,Deny
Deny from all

However, I would like the consumer to have the ability to download the file Only When they can get on using a script (that is inside a different directory) that will provide them with the download. Right now using the above configurations it does not work.

I figured of putting something similar to..

Allow from domain.com

But I am not 100% sure what which means? Does that check in which the REQUEST is originating from &lifier hence it might work when the server demands use of that dir? ...or wouldn't it still not act as the consumer continues to be while using domain through the other script to gain access to the dir?


Should you dump the files by having an "script" you are able to store your files outdoors the documentroot. Which means you need no htacces file.

Possibly this can be a better workaround.