Jump to content

Archived

This topic is now archived and is closed to further replies.

hugh90

How do you prevent a site from being exposed?

Recommended Posts

My site is in .php

How do you stop from raw files showing? The files of my site show up if I (for example) go to www.site.com/folder/folder. How do I prevent this situation so the raw files doesn't show up?

Most sites when you go to www.site.com/folder/folder you end up on a normal webpage, but mine shows the raw files. :(

Some sites stop this from happening to their site and protect it, can you please tell me how to stop it too?

I'm a newbie. :|

Thanks :)

Share this post


Link to post
Share on other sites
just add a file called index.htm to that directory and then it will just show that file and that file can have a meta-refresh in it to go elsewhere.

Share this post


Link to post
Share on other sites
[quote author=mainewoods link=topic=103870.msg413950#msg413950 date=1155311340]
just add a file called index.htm to that directory and then it will just show that file and that file can have a meta-refresh in it to go elsewhere.
[/quote]

So that means adding an index.htm manually in every folder/directory? Isn't there a way that can stop this at once? A quick fix code or the way to url my php’s so that it is permanently stable without manually adding an index.htm with every folder.

Thank you

Share this post


Link to post
Share on other sites
you may be able to add a .htaccess file to your top directory that would solve the problem, I'm not sure of the syntax though.

Share this post


Link to post
Share on other sites
Hi thanks i've added it, and it works but it just shows the same Directory Listing but without my raw files (which is a good thing)  But it looks very unprofessional, so how can I completely stop the Directory Listing page from showing, hopfully with an error page or a redirect back to the main page.

Can this be achieved through .htaccess?

Share this post


Link to post
Share on other sites
potentially through the mod_rewrite feature of .htaccess which is a complicated subject and I can't help you with that.

Share this post


Link to post
Share on other sites
Truthfully the best way is to put an index.htm file in each one ( or index.shtml, index.php, index.html.. it just needs to be an index file) since doing via .htaccess just puts more strain on the server everytime someone attempts to hit one of your folders.

Or you can pick up a little utility that not only prevents them from viewing your unprotected folders but logs their IP, redirects them to the page of your choice, and allows you to ban IP's if needed. Check out:

[url=http://www.templatedepot.com/snoop-catcher.htm]http://www.templatedepot.com/snoop-catcher.htm[/url]

Share this post


Link to post
Share on other sites
I would make directory listings unavailable where it would generate uhhh 403 (?) errors... then you could just use an appropriate error document... Possibly having it redirct the user to /index

Share this post


Link to post
Share on other sites
[quote author=corbin link=topic=103870.msg414015#msg414015 date=1155317250]
I would make directory listings unavailable where it would generate uhhh 403 (?) errors... then you could just use an appropriate error document... Possibly having it redirct the user to /index
[/quote]

Yeah but how would I do this? I don't know, can you please explain how to do this?

Share this post


Link to post
Share on other sites
It's not that hard.

1. create a custom error page ( I make mine look like the rest of the site with menus and everything. Like this: http://www.templatedepot.com/no-page-here.htm )

2. edit your .htaccess file with this:

ErrorDocument 403 http://www.yoursite.com/403.htm
ErrorDocument 404 http://www.yoursite.com/404.htm
ErrorDocument 500 http://www.yoursite.com/500.htm

Those are the most common errors.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.