Protecting directories from prying eyes

hcgtv · 2006-09-29 21:06:54

ruud, I’ve tested Gallery2 and it puts the image directory outside the web root with a fancy .htaccess file and uses a php script to grab the images, so I can relate to your earlier post.

The example .htaccess above doesn’t include all the directories, like /include or /lib, is it because these are safe to leave open or because it would cause problems?

ruud · 2006-09-29 21:30:20

What my .htaccess example does is deny access by default and grant access only to the files mentioned. Since /lib and /include aren’t mentioned, you can’t access them. (just corrected a mistake, because you don’t need access to publish.php)

Last edited by ruud (2006-09-29 21:32:31)

hcgtv · 2006-09-29 23:16:10

ruud, I uploaded your .htaccess into 5 sites running 4.0.3 and 1 site that’s running what is to be 4.0.4 and I have no problems to report.

I uploaded an index.php to /files and /images containing 1 line:
<code><?php header(“Location: ../”) ?></code>

Now I feel better, thanks for taking the time.

Mary · 2006-09-30 11:37:26

It’s much simpler than that:

Options -Indexes

els · 2006-09-30 13:58:04

Mary wrote:

It’s much simpler than that:

Super! Thanks :)

Textpattern CMS

Textpattern CMS support forum

#13 2006-09-29 21:06:54

Re: Protecting directories from prying eyes

#14 2006-09-29 21:30:20

Re: Protecting directories from prying eyes

#15 2006-09-29 23:16:10

Re: Protecting directories from prying eyes

#16 2006-09-30 11:37:26

Re: Protecting directories from prying eyes

#17 2006-09-30 13:58:04

Re: Protecting directories from prying eyes

Board footer