Home/ Questions/Q 8078409
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T15:47:04+00:00

I have 2 servers. On Server 1 I have a WordPress website. On Server

  • 0

I have 2 servers. On Server 1 I have a WordPress website. On Server 2 I have large .zip files that I want members from the WordPress site to be able to download.

How do I authenticate these users so that only people that are members of the website can download files from the second server?

Is it possible to use PHP so that only referrers from my domain have access to the files?

Note: The links to download the files are protected on the wordpress site so that non-logged in users are redirected to a join page. However, current and ex-members would still know the directory where the downloads are and could possibly download the files or share the links.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    There are several ways of doing this. The most secure way would be to have some back-end communication between Server 1 & Server 2. But here is an easy alternative:

    Server 2 : download.php

    <?PHP
 $file = $_GET['f'];
 $code = $_GET['c']; 
 $ip = $_SERVER['REMOTE_ADDR'];

 if ($code != md5($ip . 'salt')) {
    die('authentication denied');
 }

 if(!file)
 {
     die('file not found');
 }

 // Set headers
 header("Cache-Control: public");
 header("Content-Description: File Transfer");
 header("Content-Disposition: attachment; filename=$file");
 header("Content-Type: application/zip");
 header("Content-Transfer-Encoding: binary");

 // Read the file from disk
 readfile('/files/downloads/' . $file);

?>

    Server 1 : Download link

    <?PHP
 echo '<a href="http://server2.com/download.php?f=text.txt&c=' . md5($_SERVER['REMOTE_ADDR'] . 'salt') / '">Download File</a>';
?>

    This system works by creating a link that can only be used on the IP it was generated for. So a registered user cannot share the link elsewhere. It’s not the most secure thing but it’s easy to implement and will work.

    • 0