How to protect public folder from being viewed when site is down


#1

Hi everyone
I run a django web app.
All my static files (css, js) are in the “public” folder as recommended by dreamhost.
I recently noticed that when the server is down (unrelated to my site), anyone navigating to my site has full browsing access to my public folder.

My question is how do I protect my public folder from being accessible when the server is down? Can this be solved with an htaccess file?

Thanks for your help


#2

One way is to install an index.html file in each folder you wish to stop public access. Put anything you wish as a message. Example:

<html><head><title>Access  Denied</title></head>
<body><br><br><h1>Access  Denied</h1>
</body></html>

Another way is to add this to you root level .htaccess file:

Options -Indexes

Note: Either method will block directory (folder) browsing. Each can be used independently or together (for that overkill satisfaction!)


#3

keyplyr - thanks so much. The index.html solution seems straight forward. How would I test that this is working?


#4

Just use your browser http://your-domain-name.com/folder-name

(replace with correct info)