restricting access to folders on server
Posted: Mon Mar 24, 2008 6:29 am
i am using apache server and presently when i try accessing any folders of my website i am able to browse the files ex = http://www.website.com/images which is a serious security risk as i am building a
forum website using php and mysql.
in the root directory i have created a .htaccess file and whenever someone access a file which is not
on the server i have created a user friendly message that the file does not exist instead of a 404
error message displayed by the browser.
similar to this how can i go about restricting users to browse all my folders in the toot directory.
if anyone accesses for ex = http://www.website.com/phpscripts an alert should appear asking them to enter a
username and password.
1. how can i do this using apache.
2. where do i write the username and password information and will this apply to all the folders in
the root directory or specific directories.
please advice.
thanks.
forum website using php and mysql.
in the root directory i have created a .htaccess file and whenever someone access a file which is not
on the server i have created a user friendly message that the file does not exist instead of a 404
error message displayed by the browser.
similar to this how can i go about restricting users to browse all my folders in the toot directory.
if anyone accesses for ex = http://www.website.com/phpscripts an alert should appear asking them to enter a
username and password.
1. how can i do this using apache.
2. where do i write the username and password information and will this apply to all the folders in
the root directory or specific directories.
please advice.
thanks.