I'm developing a web application and I need to save and show images and pdf documents.
I wanted to deny direct access to the images and documents and to its container file. I mean, that when someone try to acess via url to the folder, should receive a 403-forbidden error.
For this I created a .htaccess file inside the folder like this:
Order deny,allow
Deny from all
Using my web application, via a php script, there is no problem accessing the pdf docments like this
header('content-type: application/pdf');
readfile('../../../files/'.$document);
But when I try to access the images using <img style=max-width:100% src=../files/'.$image.'>'
my access is denied and I receive a http status code 403 forbidden.
How can I access the images using my web application, but denying the direct access to the images?
Also I would like to know why I can access the pdf documents, but I can't access the images.