xfusion Posted September 12, 2007 Share Posted September 12, 2007 Hey, I am creating a website, but there are two vulnerabilities that I can not seem to patch. I have a directory (/data/uploaded), this directory contains uploaded files which currently can be accessed (if someone figures out the directory) through the URL bar but I don't want them to be. The only way that these files should be accessed is by a .swf file. The second issue is: I have a .php file, this script is accessed by a .swf file, I don't want it to be accessed by anything other than the .swf file as it contains some sensitive information. What ways can I solve these issues? I've seen similar questions posted when I searched the forums, but I've never seen an answer that has solved the problem. I hope I have better lock . Link to comment https://forums.phpfreaks.com/topic/68997-preventing-unwanted-access/ Share on other sites More sharing options...
xyn Posted September 12, 2007 Share Posted September 12, 2007 If using Apache; .htaccess Options All -Indexes Link to comment https://forums.phpfreaks.com/topic/68997-preventing-unwanted-access/#findComment-346818 Share on other sites More sharing options...
sayedsohail Posted September 12, 2007 Share Posted September 12, 2007 sorry i have the same problem, can you please explain what Options All -Indexes will do? please. Link to comment https://forums.phpfreaks.com/topic/68997-preventing-unwanted-access/#findComment-346980 Share on other sites More sharing options...
xyn Posted September 12, 2007 Share Posted September 12, 2007 stops autoIndexes being made by apacher instead where a directory has no index it will hide files and folders etc. with 403. Link to comment https://forums.phpfreaks.com/topic/68997-preventing-unwanted-access/#findComment-346986 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.