how to prevent directory access and show forbidden error in php

Question

1. I am new to .htaccess, i want to know how to use .htacces to prevent direct access via url of my folder e.g. localhost/mycart/images/ OR localhost/mycart/css should

Answer 1

You can simply add the following to your .htaccess

# Don't listing directory
Options -Indexes
ErrorDocument 403 http://www.your-website-home-page.com/
# Follow symbolic links
Options +FollowSymLinks

# Default handler
DirectoryIndex index.php

This will load only the index.php file while file browsing. If no index.php file is found 403 error happens (Access restricted) and it will send the user to home page

Answer 2

I have used

# disable directory browsing
Options -Indexes

Conversely, to enable directory browsing, use the following directive:

# enable directory browsing
Options +Indexes

Likewise, this rule will prevent the server from listing directory contents:

# prevent folder listing
IndexIgnore *

And, finally, the IndexIgnore directive may be used to prevent the display of select file types:

# prevent display of select file types
IndexIgnore *.wmv *.mp4 *.avi *.etc

Courtesy From: Prevent Unauthorized Directory Browsing from Stupid HTACCESS Tricks.

It also contains many other useful commands to be used in .htaccess for security and performance enhancement.

Answer 3

If you want to deny access to all files:

deny from all

If you want to disable directory listing:

IndexIgnore *