Jun 6, 2012

Prevent directory browsing using htaccess - Security tip!

prevent directory browsing

If you visit a website like site.com/folder1/ it will display all its contents.
What if you had an inportant file in there, everyona can se it.
Dont worry, apache did for us!
Using a simple htaccess rule we can easily disable this option.

# this is a comment
#this is the rule we must add
Options -indexes

Alright, when someone tryes to access that folder it will get an 403 Forbitten and not be able to watch the file.
An other way is to add at every folder and index.html but the first one is more fast :)

No comments:

Post a Comment