HELP please..

[Therave]

HI all

Im going to give up!!!!!

Any one help with .htaccess file

I have a folder called /private
this folders index page is accessed via a login page
the login page is main folder that Private is a sub folder of.

how to i stop people just typing ***** /login/private/index.htm and passing my login page.

I only want any access to /private or its subfolders to be done if the person has come via my login page.

Any idears folks???

someone must know...
please help..........

[crouse]

using the .htaccess page itself you can limit via REFERERS

IE: (from http://unix.support.superb.net/data/web-pw.php)
---------------------------------
Create a file .htaccess in that directory that looks similar to:

AuthUserFile /dev/null
AuthGroupFile /dev/null

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://yourdomain.com/restricted/
RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com/restricted/
RewriteCond %{HTTP_REFERER} !^http://yourdomain.com/
RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com/
RewriteCond %{HTTP_REFERER} !^http://authorizedlinksite.com/
RewriteCond %{HTTP_REFERER} !^http://www.authorizedlinksite.com/
RewriteRule /* http://www.yoursite.com/restricted/index.html [R,L]

where yourdomain.com is your domain and authorizedlinksite.com is a site that can link to your restricted directory. There can be no, or multiple, such authorized link sites. Note that the trailing slashes (/) are important and must be included.

Now try to access the authorized directory from a link on your site, from a link on the authorized site(s), if any, and, if possible, from a link from an unauthorized site (to ensure that it is restricting access properly). The latter test can be conducted using a link from a sub-directory of your site (eg. http://www.yourdomain.com/somedirectory/) that is not listed as a valid referrer as well.
---------------------------------

HTH's