Re: [cobalt-security] Restricting access to certain file types  HELP!
- Subject: Re: [cobalt-security] Restricting access to certain file types  HELP!
 
- From: Ted Behling <TBehling@xxxxxxxxxxxxx>
 
- Date: Wed, 31 Oct 2001 22:49:08 -0500
 
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
 
At 10:23 PM 10/26/01, Ervin Tarkhanian wrote:
> I need to restrict access to all Real media files & Windows Media on a site.
>
> RedirectMatch \.ram$    http://www.domain.com/novideo.html
> RedirectMatch \.rm$     http://www.domain.com/novideo.html
> RedirectMatch \.asx$    http://www.domain.com/novideo.html
> RedirectMatch \.asf$    http://www.domain.com/novideo.html

Don't forget .wmv, .wma, .wax, .wvx, and .wm for Windows Media.  For Real, 
you might want to include .smi, .smil, .ra, .rmm, .rt, .rmj, .rms, and .rp.
Those are all the Windows Media- and RealPlayer-specific extensions 
listed in the programs' Open dialogs.  Of course, restricting access by 
file extension doesn't provide any real security, as user agents pay 
attention only to MIME types.  A Webmaster can assign any MIME type to any 
file extension in their .htaccess file or with a two-line CGI/PHP script 
that writes the header then echoes the file.  Therefore, you might be 
better off to restrict by MIME type rather than file extension, although I 
don't think this will get around the CGI/PHP possibility (haven't 
tried).  Do you care about QuickTime?
--------------------------------------------------------------------------
Ted Behling, Web Application Developer - Monarch Information Systems, Inc.
43 Folly Field Road, Unit 4, Hilton Head Island, SC 29928-5434
E-mail: mailto:TBehling@xxxxxxxxxxxxx
Phone/Fax: 1-800-842-7894    Local or Outside the USA: 1-843-842-7894
Cell Phone (urgent issues): 843-816-7895
Cell Phone E-mail: mailto:TedPhone@xxxxxxxxxxxxx (116 letter limit)
Web site: http://www.MonarchIS.net
--------------------------------------------------------------------------
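
An added example, not part of the original message: a Python audit a server administrator could run to find where extension-based rules fall short in the way the reply describes. It flags `.htaccess` `AddType`/`ForceType` directives that give a media MIME type to names outside the blocked-extension list, and identifies RealMedia and ASF content from a file's leading bytes regardless of its name. The MIME pattern, the function names and the sample `.htaccess` are assumptions constructed for illustration.

```python
import re

# Extensions covered by the RedirectMatch rules plus those listed in the reply.
BLOCKED_EXTS = {"ram", "rm", "asx", "asf", "wmv", "wma", "wax", "wvx", "wm",
                "smi", "smil", "ra", "rmm", "rt", "rmj", "rms", "rp"}
# Assumption: what counts as a streaming-media MIME type; adjust to your site.
MEDIA_MIME = re.compile(r"^(audio|video)/|realaudio|realmedia|ms-asf|ms-wm", re.I)
# Leading bytes of the RealMedia container and the ASF (WMV/WMA) header GUID.
MAGIC = {b".RMF": "RealMedia",
         bytes.fromhex("3026b2758e66cf11a6d900aa0062ce6c"): "ASF"}


def audit_htaccess(text, blocked=BLOCKED_EXTS):
    """Return (directive, mime, ext) for media types the blocklist misses."""
    findings = []
    for raw in text.splitlines():
        parts = raw.split()
        if len(parts) < 2 or not MEDIA_MIME.search(parts[1]):
            continue
        directive = parts[0].lower()
        if directive == "forcetype":
            # ForceType applies to every file in scope, whatever its name.
            findings.append(("ForceType", parts[1], "*"))
        elif directive == "addtype":
            for ext in parts[2:]:
                ext = ext.lstrip(".").lower()
                if ext not in blocked:
                    findings.append(("AddType", parts[1], ext))
    return findings


def sniff_media(head):
    """Identify a container from a file's first bytes, ignoring its name."""
    for magic, name in MAGIC.items():
        if head.startswith(magic):
            return name
    return None


# Constructed sample .htaccess for demonstration.
SAMPLE = """\
AddType audio/x-pn-realaudio .ram .dat
AddType video/x-ms-asf .bin
AddType text/html .shtml
<Files "clip">
ForceType video/x-ms-wmv
</Files>
"""
```

Run `audit_htaccess` over each `.htaccess` under the document root and `sniff_media` over the first 16 bytes of each served file; content emitted by a CGI/PHP script still has to be caught at the response, not on disk.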