General Web Site Question

This site is best viewed in a modern browser with JavaScript enabled.

ky0ung

Alright so right now a person can type my url and a folder name and access the directory. This is NOT GOOD. How do i set it so it redirects to a 404?

savvykms

You could always make a fake index.html/php whatever and throw it into the directories you want blocked off, it is a cheap and flawed method, but it turns back most people. Another method is to password protect directories or set up redirection. It depends on your web server, be it the Apache web server, a Microsoft one, or some other httpd.

NogDog

If it is running on Apache, you can either change the Apache settings or use a .htaccess file in the web root directory to disallow directory listings:

Options -Indexes

ky0ung

Thanks guys!

Is that all I have to do with the htaccess file?

NogDog

That's all you need in it for this issue.

Jarrod1937

If they are just include files you can also throw in a "deny from all" into the htaccess to make the files inaccessible even if someone knows the filename (or could guess it).

savvykms

Jarrod1937;1111858 wrote:
If they are just include files you can also throw in a "deny from all" into the htaccess to make the files inaccessible even if someone knows the filename (or could guess it).

Good idea, I forgot about good old ACLs, which is odd, considering I just spent two years in a school learning about them every other week in a networking course.