How do I stop people seeing contents of directories if no index file exists?

[OM2]

Can someone tell me how I can stop someone from seeing the contents of a directory if it doesn't have an index file?

 

I've got Linux hosting and currently, if the directory doesn't have index.html or similar, then you can see all the files names

 

What methods are there to stop all such viewing?

 

(I wasn't sure if this was a PHP question or not, but I thought I'd try asking anyway)

 

Thanks

 

 

OM

[JonnoTheDev]

Add to an htaccess file

Options +Indexes

[OM2]

Add to an htaccess file

Options +Indexes

i read up and that shows everything in a directory!

 

i think this is the right answer:

 

Options -Indexes

 

BUT: how do i make it so that the same rule applies to all sub directories?

(without necessarily making a global setting for the whole server)

 

thanks

[JonnoTheDev]

Place in the document root

[Psycho]

Place in the document root

I think he means do not place the folder in the docoument root of the site. Then the folder is not accessible at all via the web, but you can still access the documents via your PHP code.

[PFMaBiSmAd]

Options -Indexes only prevents directory listing. It does not prevent serving web pages.

[dreamwest]

if you have Options - Indexes in your root htacess, and you have something like this

 

http://site.com/

http://site.com/dir/secret_file.flv

http://site.com/dir/even_more_secret.txt

http://site.com/dir/super_secret.php

 

Someone going to :

 

http://site.com/dir/

 

will get a forbidden, and your files wont be displayed to the browser