Reputation: 624
Stop people from viewing contents of a directory
I want to stop people from viewing the contents of my images directory. I've built an app using Codeigniter and notice that they just have index.html pages with a 403 Forbidden message in all directories - is this a secure method to use? Is an index.html page in the directory sufficient or do I need to update config or .htaccess?
Upvotes: 2
Views: 1479
Answers (3)
Reputation: 303
The .htaccess solution should work if you're comfortable using it.
Options -IndexesIf you are on a shared host with cPanel, you can change your settings in Index Manager
Upvotes: 4
Reputation: 2266
In general you need more than just an index.html, depending on you server configuration you can still get a directory listing. None of the files in the directory will be protected either.
Your best bet is to do al of the above, update the server config to limit access and also set policy via .htaccess if that is appropriate. Finally, if you don't want it to be served it really should not be part of the directory structure being published by the server.
Upvotes: 1
Reputation: 701
The index.html should be enough and secure, but it is not really a clean solution, because it is not actually returning a error message, it is probably still returning HTTP 200 and then showing the html page with error 403.
The clean solution would be adding
Options -Indexes
to the .htaccess file.
Upvotes: 2
Related Questions
- Codeigniter : Protect folder from direct access
- How to protect files in public folder in codeIgniter?
- How to prevent direct access to the files with CodeIgniter
- How to prevent direct access to files from browser?
- Avoiding the users to be able to see a directory in php
- Restrict browser access to directory files
- prevent directory access
- how do i get to restrict access to my folders
- Restricting direct access to your view-files in CodeIgniter?
- Prevent direct access to files with .htaccess