Tags:







Advertise here: Contact FM.


How do you disable access to a root directory on a web server?
March 2, 2009 12:14 PM   RSS feed for this thread Subscribe

How do you disable access to a root directory on a web server?

We have individual files that we're happy to let people download, but we don't necessarily want them going to the root directory to download all the files.

e.g.

http://www.example.com/files/filenumber1.jpg (okay)
http://www.example.com/files/ (not okay)

Can anybody point me in the right direction so that a user who tries the second URL is denied access? Should we be looking in httaccess? cpanel? Somewhere else? I was surprised to not find an answer after Googling around.
posted by jrholt to computers & internet (5 comments total) 1 user marked this as a favorite
In your .htaccess file:

Options -Indexes
posted by Jairus at 12:19 PM on March 2


You could do it with .htaccess, providing you are using an Apache server, or the like. You could also simply put an empty file in that directory, named index.php, or index.htm, as that will be all a normal visitor can see.
posted by ijsbrand at 12:21 PM on March 2


Fast and easy way is to put an index.html in that directory with either no content or some message.

The more correct answer is to use .htaccess and turn indexes off. This assumes you are using Apache as a web server.

http://httpd.apache.org/docs/2.0/mod/core.html#options

This can be in your .htaccess if the server is configured to allow this in your .htaccess.
posted by advicepig at 12:26 PM on March 2


These approaches won't prevent users from downloading files whose names they guess (which may or may not be relevant, depending on how guessable the names are and how sensitive the content is.) You might want to put the files intended for the public in their own subdirectory (which could be filled with symbolic links to the real files, if you like.)
posted by Zed at 12:38 PM on March 2


Excellent! These were all very helpful and right on the money. I used the Options -Indexes in the .htaccess file and it solved the problem. Thank you for your help!
posted by jrholt at 5:12 PM on March 2


« Older How can I hide these hideous, ...   |   Can anyone recommend a Spanish... Newer »

You are not logged in, either login or create an account to post comments