Page 1 of 1

keep people out of a directory

Posted: Wed Jul 19, 2006 6:05 pm
by Luke
Say I have files on the server in a folder called 'filebin' under the root directory. How could I keep people from accessing files in it? I assume htaccess of some sort?

Posted: Thu Jul 20, 2006 11:36 am
by GRPsuper
lmao, i was doing this today too... i found out u can just add an index.html or index.php in it. and inside the index file, just say forbidden, u dont have enough access... or whatever lol

Posted: Thu Jul 20, 2006 12:44 pm
by Luke
that doesn't prevent people from going to mypage.com/forbiddendir/filethatidontwantdownloaded.pdf

That only prevents prople from going to mypage.com/forbiddendir/ and seeing my files.

Posted: Thu Jul 20, 2006 12:50 pm
by GRPsuper
well, u said root directory, i dind't know u meant file...

Posted: Thu Jul 20, 2006 12:50 pm
by wtf
htaccess could do the job however if your files are of 'very sensitive nature' best way to handle this would be to move them outside of your webroot and provide access based on the authentication.

Posted: Thu Jul 20, 2006 1:16 pm
by RobertGonzalez
Use PHP to generate the file or allow downloads. Keep them above root level to keep people from getting to them.

Posted: Thu Jul 20, 2006 1:21 pm
by Luke
OK... I already use php to read the files, so I guess it wouldn't be that hard to move them above the root.