Page 1 of 1

how to prevent user access file directory

Posted: Tue Apr 01, 2003 9:02 pm
by valen53
how to prevent user access file directory? such as when user only type URL : domainname/directory/
files in the directory will be display... how to prevent the files display ?
like use IIS , i can tick for not to browse the files.
thank u for helping.

Posted: Tue Apr 01, 2003 9:24 pm
by McGruff
I'm not sure I've completely got your question but here goes.

With apache, you can protect whole folders with .htaccess (deny from all). Any files in the folder (and subfolders as well if I remember rightly) can't be opened by typing in a URL to the filename, but they can be included / required by php. Your dlid script likes to live in an .htaccess protected folder, for example.

You can set other .htaccess as well as "deny from all" to suit your needs - google around and you'll find more info.

Not sure if you can .htaccess with PWS - never used it.

If you'd like to try apache, take a look at easyphp.org (apache/mysql/php for Windows in one easy install). You might need to uninstall PWS first to get it to run.

Posted: Wed Apr 02, 2003 8:19 am
by Beans
I think there's a setting in Apache which will allow you not to show the file listing for directories without an index.* file

Posted: Wed Apr 02, 2003 8:30 am
by twigletmac
It would probably help those trying to assist if you told us exactly which webserver you are using - is it IIS or Apache or something else?

Mac

Posted: Wed Apr 02, 2003 9:02 am
by volka
For apache:
I use DirectoryIndex to prevent directory listings. It's set to DirectoryIndex index.html index.php /forbidden.html.

Options -Indexes will turn off the auto-index created by mod_autoindex.