|
how to block access to certain files?
ok, here's a question I need some help with.
say I have domain.com/directory/ and in that directory is subdirectory images subdirectory cgi bin & a few more subdirectories & in directory is html files & some php & .txt & the .css & some scripts so, domain.com/directory/images and domain.com/directory/cgi_bin domain.com/directory/page10.php domain.com/directory/page10.css ok, now lets say visitor goes to domain.com./directory/page10.php and he cuts out page10.php so that it shows domain.com/directory & now he see's everything in that directory. What do I do so that people can not access this. also, I want to deny access to all the scripts, php files & .css & denie access to anything at all that is not an html page or image How can I block everyone out except for myself. |
for the record, what you want to do is called blocking directory listing.
ill assume that youre running apache because if youre not, you should be. if you are on shared hosting, forget about the first procedure below and hope that .htaccess is enabled for you. if its not, contact the server admin and ask him to enable it. if you have access to apaches config file (httpd.conf) and you want to disable directory listing for your ENTIRE server: - open httpd.conf - search for <Directory "!webroot!"> where !webroot! is the folder that your html files for the above mentioned domain.com are in (ie. /var/www/html or c:\apache2\htdocs) - look for a line that says 'Options Indexes FollowSymLinks' immediately after the above line. Remove 'Indexes'. - restart apache if you dont have access to httpd.conf, or dont want to turn off directory listing for your entire server, and you have .htaccess enabled: - in domain.com/directory create a file named .htaccess - add a single line 'Options FollowSymLinks' and save your changes if you want to use .htaccess but the above doesnt seem to work, and you have access to httpd.conf: - find <Directory "!webroot!"> as in the first procedure - find the following line 'AllowOverride None' and change to 'AllowOverride All' - restart apache - do the second above procedure sick of this yet? more reading: http://httpd.apache.org/docs/1.3/howto/htaccess.html http://javascriptkit.com/howto/htaccess11.shtml ill get back at you in this thread on the denying access thing. that is a related but potentially an even bigger pain than blocking directory listing. can you post the vitals on your hosing (shared or not) and software? |
another work around is using php for redirection.
Code:
<?php |
it is shared hosting, I do have htaccess & it is unix.
I did the htaccess & it denied the scripts in another directory access to files in the directory I tried blocking. |
Quote:
|
and it did work :thumbsup :thumbsup thanks nookster
And thank you porncaster for the links. some good info there :thumbsup ok, now, only thing it does not block is the .css & .js when I type in the url to the .css I get a save prompt. what can I do so that people are not able to download my .css & .js files |
god damn youve been here since 2001 and you dont know basic shit?
what the fuck have you been doing? |
Quote:
what's so basic about it? i have directories & subdirectories & scripts that are dependant on files withing the root, the directories & the subdirectories & when I tried blocking via method above, it denied the script access to the files. mod rewrite & htaccess & server config. are NOT basic to me. I inserted the index.php as above, & it denies the script access to the css I want to deny users from seeing the files in directories, but want the scripts to be able to read the files. I also do not want users to be able to print, download or view my .css & .js files |
| All times are GMT -7. The time now is 04:11 PM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123