This isn't impossible to work around, but accessing a file directly that forms part of your site is called "hotlinking", and you can block it in .htaccess by checking the referer of the call. If the person is viewing your site when they request the file, their referer should be your website address. It is pretty easy to circumvent, but should prevent casual downloading.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(woff|ttf)$ - [F]
So this is saying, If the referrer is not empty, and does not contain my website address, then respond to any attempts to download a file ending in .woff
or .ttf
with a 403 Forbidden
error.
You'll want to change the domain to match your own, and make sure the font suffixes you use are present.
This isn't possible. In order for a user to display a font, they need to download it to their machine. If you block the font from being downloaded, then the css url() function will not work. Remember that everything happens in the browser when it comes to rendering. – Paul – 2013-02-19T02:18:42.107
I see. I do understand that, I was hoping though, that there would be a possibility to restrict at least the superficial download, which is with a direct url... Thanks though, post an answer and I will accept it... – Luke San Antonio Bialecki – 2013-02-19T02:20:57.330
Ok, you could try hotlink prevention, see my answer below. – Paul – 2013-02-19T03:08:22.787