how can I protect files in the public folder in the CodeIgniter framework to be not viewed by a user who is not logged in? My public folder structure is as follows:
- public
- logs
- detailed_logs(public/logs/detailed_logs)
- error_logs(public/logs/error_logs)
- code
- device.js(public/code/device.js)
- logs
I am able to access the files using the below URLs without logging in to the system.
https://<ip_address>/logs/detailed_logs
https://<ip_address>/code/device.js
Can someone help me in making it only accessible to the user who is logged in?
CodePudding user response:
I added the .htaccess file to the logs folder and allowed access only to the index.php file. I also created PHP files for each log file and checked whether a user is logged in using the session variable and read the contents of the respective log files when verified the user is logged in. Thanks for the help!