stop accessing folder through url
Moderator: General Moderators
stop accessing folder through url
hii all....im making awebsite in php-mysql....my root folder name is newproject1 and it is in htdoc folder, folder newproject1 contains files and folder one of the folder is style and another is image.....the url when i run a website is http://localhost/newproject1/filename.php ...but if i chage it to http://localhost/newproject1/style or http://localhost/newproject1/image .....it shows all files and folder within these two folder and access them....so how to stop these..
- flying_circus
- Forum Regular
- Posts: 732
- Joined: Wed Mar 05, 2008 10:23 pm
- Location: Sunriver, OR
Re: stop accessing folder through url
You can put an index.php file in those directories which is either blank, or has a redirect to your homepage. You can also place those files below the document and use a PHP to stream them on demand, but this is not typical for public images and styles.
Re: stop accessing folder through url
Another method is drop an .htaccess file in each directory, that just has the following two lines
[text]Options -Indexes
ErrorDocument 403 http://www.yoursitedomain.com/[/text]
The first line says not to display directory index (most hosts let you override this value)
The second line says that when someone gets a 403 error (what you get when get from the above), take them to the specified URL
Note the following about the URL: If you give the full URL (as I gave above), your browser will actually redirect to that URL. If you give just a relative path like the example below, your browser will still show the URL the person browsed to, but display the page listed below:
[text]Options -Indexes
ErrorDocument 403 /[/text]
Nice part of this method over dropping in a index file in each directory is it takes care of the directory you put it in, and any subdirectories in them. And if you don't don't have a need for directory listing at all on the site, put the .htaccess file in the root of the site and it will take care of it all!
-Greg
[text]Options -Indexes
ErrorDocument 403 http://www.yoursitedomain.com/[/text]
The first line says not to display directory index (most hosts let you override this value)
The second line says that when someone gets a 403 error (what you get when get from the above), take them to the specified URL
Note the following about the URL: If you give the full URL (as I gave above), your browser will actually redirect to that URL. If you give just a relative path like the example below, your browser will still show the URL the person browsed to, but display the page listed below:
[text]Options -Indexes
ErrorDocument 403 /[/text]
Nice part of this method over dropping in a index file in each directory is it takes care of the directory you put it in, and any subdirectories in them. And if you don't don't have a need for directory listing at all on the site, put the .htaccess file in the root of the site and it will take care of it all!
-Greg
- social_experiment
- DevNet Master
- Posts: 2793
- Joined: Sun Feb 15, 2009 11:08 am
- Location: .za
Re: stop accessing folder through url
Wouldn't one .htaccess file in the root folder also suffice? I have only 1 .htaccess folder with the following inside it and it also prohibits directory browsing.twinedev wrote:Another method is drop an .htaccess file in each directory
[text]
IndexIgnore *
Options -Indexes
[/text]
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
- flying_circus
- Forum Regular
- Posts: 732
- Joined: Wed Mar 05, 2008 10:23 pm
- Location: Sunriver, OR
Re: stop accessing folder through url
Awesome, I'm glad you guys posted! I knew it was possible to accomplish the same goal with .htaccess but I wasn't confident enough to include it as a solution. I got to learn something new too 
Re: stop accessing folder through url
Yes, that was at the end of my post:social_experiment wrote:Wouldn't one .htaccess file in the root folder also suffice?
twinedev wrote:And if you don't don't have a need for directory listing at all on the site, put the .htaccess file in the root of the site and it will take care of it all!
- social_experiment
- DevNet Master
- Posts: 2793
- Joined: Sun Feb 15, 2009 11:08 am
- Location: .za
Re: stop accessing folder through url
Missed that on the first read through 
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering