protect a directory BUT...

Hi ppl
I'm wondering if with Apache it is possible to
protect the content of a directory IF the referer is the domain itself and refuse access if let's say someone type it in the browser...

ex:
http://www.mysite.com/members/myfile.html

myfile.html calls a file let's say download.zip
this should work but if someone types directly
http://www.mysite.com/members/download.zip, this should now work because the referer is thae page before... so it gives access refused...

actually the idea behind all this is to refuse access to "web sucking" applications such as 'wget' in linux. yes I know I can use robots.txt but I don't want to in case a home made application ignores the robots.txt file.

thanks in advance.

There are many ways to restrict access based on HTTP_REFERER. Start here -> http://forums.devshed.com/showthread.php?threadid=8952

Don't forget, HTTP_REFERER can be easily spoofed.

The best way to do this is to have the referering page be a script that sets a unique, time sensitive, identification value based on the ip of the client.

Simple way to do this in something like PHP, make a mysql table, ie "dl_auth", with fields for ip, timestamp, authcode. Then when you query the download, check the value against the ip and time. Also have the script check for an "old" timestamp on execution and remove it from the table.

Not a .htaccess solution, but it should work.