[SOLVED] Blocking directory..

[phpSensei]

How Do You block a php file or even directory from being acessed by someone else?

 

I want to use the data in the directory, but if someone tries to sneak in, he is blocked...

[dbo]

Look into file permissions and chmod

[php_tom]

You could just put a PHP file 'index.php' with the following code:

<?php
// Redirect them to your site's main page
header("Location: http://www.mydomain.com/");
?>

Of course, if someone knows the name of a file in the directory, they can just type it in, but if the script performs a sensitive task (uploading files, displaying sensitive info, etc.), you should probably be using sessions or something to stop unauthorized access anyway...

 

For example when I do the admin part of a website, either I just password the directory with all the admin scripts, or I do a login script w/ sessions to prevent BAD stuff...

[dbo]

This same thing can and should be done by turning off directory listings in Apache. But if it's just data files that you need grant privileges to system but not users and if you can store it out of the html directory all together so that its contents cannot be served up to a malicious user.

[phpSensei]

So How Do You Do it again?"

[dbo]

I think you just remove the + from +Indexes on the main configuration settings in httpd.conf or if you're on a shared host you'll do some hacking on a .htaccess file.

[Fadion]

have a look at <a href="http://www.thejackol.com/htaccess-cheatsheet/">this</a> htaccess cheatshet