Page 1 of 1

restricting access to folders on server

Posted: Mon Mar 24, 2008 6:29 am
by sudhakararaog
i am using apache server and presently when i try accessing any folders of my website i am able to browse the files ex = http://www.website.com/images which is a serious security risk as i am building a

forum website using php and mysql.

in the root directory i have created a .htaccess file and whenever someone access a file which is not

on the server i have created a user friendly message that the file does not exist instead of a 404

error message displayed by the browser.

similar to this how can i go about restricting users to browse all my folders in the toot directory.

if anyone accesses for ex = http://www.website.com/phpscripts an alert should appear asking them to enter a

username and password.

1. how can i do this using apache.
2. where do i write the username and password information and will this apply to all the folders in

the root directory or specific directories.

please advice.

thanks.

Re: restricting access to folders on server

Posted: Mon Mar 24, 2008 3:02 pm
by kaszu