Web Host Directory Forums

View original thread:  Easy question, but I'm clueless.


Pages: 1 
dahl
See my page here
http://www.andersdahl.com/secret/secretpages/
Well, that just plain sucks... I want my files "hidden" or not accessible when you come across a page like that. I want an "access denied" page for now, until I make a custom 404 page.

I'm using Dreamveawer 4 and my files should probably go in one of the following :

public ftp
public html > cgi-bin
www > cgi-bin

My host emailed me this, but it seems incorrect:

create an index.html file for each directory with something like "No
Access" on it and place it in each directory you do not want this to
occur. If you have any other questions please let us know.
Jaiem
That should work.

Or you can just put a password on the directory.
dahl
Thanks, it does work.
That's odd.. I guess it defaults to index.html if you don't have the right url.
TomWalker
yeah even if you have an index.html or a default.html in a folder it will link to that e.g. If i went to www.smile.com/home/ it would take me to www.smile.com/home/index.html or default.html!!
Rev
If you are on an apache server (linux), you can add a custom .htaccess file (just a plain text file named '.htaccess') with the following line in it:

Options -Index

Put that in the public_html folder, and it should disallow index viewing for that folder and all child folders.
dahl
Quote:
Originally posted by Rev
If you are on an apache server (linux), you can add a custom .htaccess file (just a plain text file named '.htaccess') with the following line in it:

Options -Index

Put that in the public_html folder, and it should disallow index viewing for that folder and all child folders.

I'm on Linux, so I should try that. Will that work as a 404 page too ?
Right now I have an index.html in every folder, but it's not very "elegant". I think I'll try this instead, or the defaults.html since i can tell them apart from my start page.
akashik
How friendly are you with your host? Ideally you could just suggest to them that they edit their config file via root to disallow directory browsing. In most cases there's no real reason to have browsing available, and not having it does tighten up security a little.

Greg Moore
dahl
I think they are a pretty big company, so I'm just a small fish, but they have been helpful.
yourdomainhost
Quote:
Originally posted by dahl

I'm on Linux, so I should try that. Will that work as a 404 page too ?


If the Options -Index / .htaccess thing worked for you, you should be able to define a custom 404 page by adding this line to your .htaccess file:

ErrorDocument 404 /missing.html

where "missing.html" is the name of the page you want your visitors to see when they receive the error message.

That should work for other errors, as well -- just change the error number and the page name.

For more info see

http://www.hostingmanual.net/other/htaccess.shtml , http://www.hostingmanual.net/other/htfun.shtml , and/or
http://wsabstract.com/howto/htaccess.shtml

James
Return to Thread List