发表新帖
发表新帖

Using htaccess, how to restrict seeing directory contents, but allow server to use the contents?

后端 未结
关注
11 1809
既然无缘
既然无缘 2021-01-30 22:38

More specifically, I have an htaccess file that restricts anyone from seeing the directory contents. Such that, nobody can see my 1000s of images in www.example.com/images by us

相关标签:
11条回答
  • 渐次进展
    2021-01-30 23:17

    Option 1 (Easy but not Preferable)-

    You do not need to create an index file like this-

    <html>
  <title>Forbidden!</title>
  <body>
    <h1>Access Denied !!</h1>
  </body>
</html>

    And place it in each resource directories and directories you don't want to show users.

    Option 2 (More Preferable)-

    You can just add this at the end of your .htaccess file-

    Options -Indexes

    So, your .htaccess file may be like this-

    <IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    Options -Indexes
</IfModule>

    If you do that and try to go to a directory, you would get something like this-

    So, no one will be able to discover any directory in server.

    More can be found here.

    0 讨论(0)
  • 无人及你
    2021-01-30 23:19

    in that folder which you want to show access forbidden create a file with name index.php and paste this code

    <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access This Folder
on this server.</p>
</body></html>

    0 讨论(0)
  • 生来不讨喜
    2021-01-30 23:23

    All you need to keep people from seeing the directory contents is an index.php or .html file in that folder. Any requests for yoursite.com/images will load index.php, which you'll set to a dummy page.

    index.html could be something like:

    <html><title>Forbidden!</title><body>Nothing to see here...</body></html>

    or a redirect script index.php:

    <?php header('Location: /index.php'); exit(); ?>

    Don't use .htaccess for blocking directory listings, it blocks access to everything.

    0 讨论(0)
  • 天命终不由人
    2021-01-30 23:23

    Simplest solution : create a blank page name index.html in your image folder :)

    0 讨论(0)
  • 时光取名叫无心
    2021-01-30 23:35

    Magicianeer's suggestion is the best for this problem. If your images are broken into subfolders you'd have to put an index file in each one. 'Options -Indexes' only needs to be done once at the root.

    0 讨论(0)
  • 时光说笑
    2021-01-30 23:40

    in .htaccess

    Options -Indexes

    http://httpd.apache.org/docs/current/mod/core.html#options

    0 讨论(0)
 看不清?
提交回复
热议问题