how to prevent user access file directory

XML, Perl, Python, and other languages can be discussed here, even if it isn't PHP (We might forgive you).

Moderator: General Moderators

Post Reply
valen53
Forum Contributor
Posts: 137
Joined: Tue Aug 27, 2002 9:29 am

how to prevent user access file directory

Post by valen53 »

how to prevent user access file directory? such as when user only type URL : domainname/directory/
files in the directory will be display... how to prevent the files display ?
like use IIS , i can tick for not to browse the files.
thank u for helping.
McGruff
DevNet Master
Posts: 2893
Joined: Thu Jan 30, 2003 8:26 pm
Location: Glasgow, Scotland

Post by McGruff »

I'm not sure I've completely got your question but here goes.

With apache, you can protect whole folders with .htaccess (deny from all). Any files in the folder (and subfolders as well if I remember rightly) can't be opened by typing in a URL to the filename, but they can be included / required by php. Your dlid script likes to live in an .htaccess protected folder, for example.

You can set other .htaccess as well as "deny from all" to suit your needs - google around and you'll find more info.

Not sure if you can .htaccess with PWS - never used it.

If you'd like to try apache, take a look at easyphp.org (apache/mysql/php for Windows in one easy install). You might need to uninstall PWS first to get it to run.
Beans
Forum Commoner
Posts: 49
Joined: Mon Dec 23, 2002 3:06 am
Location: Manila, Philippines
Contact:

Post by Beans »

I think there's a setting in Apache which will allow you not to show the file listing for directories without an index.* file
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

It would probably help those trying to assist if you told us exactly which webserver you are using - is it IIS or Apache or something else?

Mac
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

For apache:
I use DirectoryIndex to prevent directory listings. It's set to DirectoryIndex index.html index.php /forbidden.html.

Options -Indexes will turn off the auto-index created by mod_autoindex.
Post Reply