Set a folder as access denied when some one try to locate it through browser

Question

In cakephp website, how can I set a folder as access denied when some one try to locate it through browser.

Example: by default someone try to type www.example.com/img will list all the images and directories in my cakephp website. I want to restrict it. That is some one try for it i need to display a message access denied.

How can I do this?

Answer 1

We can also use the htaccess file

Just apply this condition

    Options -Indexes 

in it

Answer 2

Route such requests to CakePHP

The default .htaccess file that comes with cakephp permits directory listings:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^(.*)$ index.php [QSA,L]
</IfModule>

That means, if the request is not for a directory, and is not for a file - send it to CakePHP.

If you remove the directory rule:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^(.*)$ index.php [QSA,L]
</IfModule>

Then only requests for files-on-disk are excluded, and all other requests (including requests for a dir listing e.g. the url /css/) will be sent to CakePHP where it will (unless you define a route for it) generate a standard 404 response.

Answer 3

If you want to disable directory browsing you should do this with your web server config, this will be the most efficient way of achieving what you want to do. In Apache it would be something like this:

<Directory "/path/to/your/webroot/img">
    Options -Indexes
</Directory>

You could also disable mod_autoindex completely.