Securing directory


#1

I didn’t have this issue on my prior webhost, so I can’t remember how I used to fix it, but what’s the best way to secure the contents of a directory so no one can just put in www.mydomain/stuff/ and see a list of everything in that path?

Thanks.


#2

Using Htaccess you can password protect a direcotry

Panel> Goodies > htaccess

is this what you want?

-Matttail


#3

A .htaccess file (maybe you already have one?) in the directory you want to hide the list from with this line in it:

Options -indexes

should do the trick. It doesn’t password protect, just keeps the files from being listed.

~Chell


#4

–>>A .htaccess file (maybe you already have one?) in the directory you want to hide the list from with this line in it: Options –indexes<<–
unfortunately, i am a complete idiot. i have read the instructions that say “add the following line in your .htaccess file to disable a directory’s contents from being shown: Options –Indexes” however, i am VERY new to all this and don’t know what they mean by “directory”.
i want to prevent people from pulling up the list of all my images. i’m using front page to help me with the whole web site set up, and i write a lot of html, but when the instructions say “directory” do they mean the file folder labeled “images” where i keep all my images? if so, when they say “add a file” do they mean a blank web page?
i feel like an idiot asking what appear to be such simple questions, but my giant front page book isn’t any help and i just don’t know what to do.


#5

Yes.

No, they mean if you do not have an existing .htaccess file, create one using a text editor (e.g. Notepad, NOT FrontPage). The file needs to be named “.htaccess” --without the quotation marks. The dot in the file name, .htaccess, must be retained, it is not a typo.

All the best,
marsbar


#6

hello, marsbar

thank you so much for your reply. hopefully, you will not mind if i ask a few more questions.

i do have notepad on my computer, and i can open a blank doc and insert the line “Options –indexes” (without the quotes) and when i hit “save”, notepad wants to save the doc as a “.txt” doc, obviously. so, from this i understand my file would be named something like: “newfile.htaccess” without the quotes, with notepad adding the “.txt” as the extension.

okay, so i save this new file called “newfile.htaccess.txt” INSIDE my images file folder on my website? i did this, but then when i go to the web and type in my website name i can still pull up all my images.

how do i get it so that when people type in www.mywebsite.com/images all they get is a blank page rather than a list of all the images in that file folder?

i obviously am missing a big part of the mental picture here. thank you for your patience…penny


#7

Rename the file, the htaccess file ends with .htaccess not .txt.
BTW, when saving a file in notepad, you can change the file type from text document to all files, then it won’t add the .txt at the end.
Silk


#8

yep, it should just end in .htaccess. It should also not have “newfile” at the beginning. Just “.htaccess” without the quotes. If your ftp software is not set up to show hidden files, .htaccess may “disappear” after you upload it or rename it properly. Don’t worry, it’s still there.

~Chell


#9

G’day, Penny.

Using the .htaccess method, people will see a ‘directory listing denied’ message when they attempt to browse your images directory. But if you just want people to see a blank page, then just create a blank HTML page, name it “index.html” (without the quotes), and then pop it in your images directory. That’s it! :slight_smile:

All the best -
marsbar