Hello, I'm having trouble downloading some files. I suspect someone on the team is 'inputting' a php script that downloads files from the server (such as bd configurations in production).
I wonder if it is possible to block the download via script. I've already blocked direct access through the url ( link ) and the permissions are read only to the apache user. However, when I run the code below, I can download the file and view its contents.
Here is an example code I wish to inhibit:
$arquivo = "path/file.php";
header("Content-Type: " . $tipo);
header("Content-Length: " . filesize($arquivo));
header("Content-Disposition: attachment; filename=" . basename($arquivo));
I've done a lot of research and only found out how to block direct access, however with the above code you can download the file.
Ps: I currently need to block a single file.