keep people out of a directory

XML, Perl, Python, and other languages can be discussed here, even if it isn't PHP (We might forgive you).

Moderator: General Moderators

Post Reply
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

keep people out of a directory

Post by Luke »

Say I have files on the server in a folder called 'filebin' under the root directory. How could I keep people from accessing files in it? I assume htaccess of some sort?
GRPsuper
Forum Newbie
Posts: 18
Joined: Fri Apr 14, 2006 9:47 pm

Post by GRPsuper »

lmao, i was doing this today too... i found out u can just add an index.html or index.php in it. and inside the index file, just say forbidden, u dont have enough access... or whatever lol
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

that doesn't prevent people from going to mypage.com/forbiddendir/filethatidontwantdownloaded.pdf

That only prevents prople from going to mypage.com/forbiddendir/ and seeing my files.
GRPsuper
Forum Newbie
Posts: 18
Joined: Fri Apr 14, 2006 9:47 pm

Post by GRPsuper »

well, u said root directory, i dind't know u meant file...
User avatar
wtf
Forum Contributor
Posts: 331
Joined: Thu Nov 03, 2005 5:27 pm

Post by wtf »

htaccess could do the job however if your files are of 'very sensitive nature' best way to handle this would be to move them outside of your webroot and provide access based on the authentication.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Use PHP to generate the file or allow downloads. Keep them above root level to keep people from getting to them.
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

OK... I already use php to read the files, so I guess it wouldn't be that hard to move them above the root.
Post Reply