Geek Answers Handbook

.htaccess does not allow the user to view files in my folder that do not have index.php

On my server, I created a folder in which there is no index.php or index.html.

folder1/test.php folder1/sample.php folder1/hello.php

When I tried to visit this folder, it shows all the files there.

This is my concern, it should not show files in my folder, because it is prone to hacking. It should display the page, for example, Deny 403. I do not want to use index.php to redirect them somewhere.

I heard that this is related to .htaccess, and that is a reasonable thing.

Please teach me how to do this.

+4
source share
4 answers

In the .htaccess file at the root of your document ...

 Options -Indexes

See http://httpd.apache.org/docs/2.2/mod/core.html#options

+3
source

This is called a directory list. You must add a file named .htaccess to folder1 and add the following line to it

 IndexIgnore *

to prohibit the list of directories for listing any files.

+2
source

What you mean is called Directory Browsing and is generally bad. To prevent directories from being viewed, create or modify the .htaccess file in the root directory of your site.

If you are creating a .htaccess file, put this line inside it:

 Options All -Indexes

If you change, find

Parameters All + Indexes

and change it to Options All -Indexes

If you do not see the Indexes directive, add the line from option 1. This should do it.

+1
source

Yes, you can put:

 Options -Indexes

Or that:

 IndexIngnore *

But to execute .htaccess you have to put something simlar in:

 AllowOverride All

In httpd.conf or similar in server configuration

+1
source

More articles:


All Articles