[SOLVED] How do I prohibit direct linking to a directory... without password problems?

[vozzek]

Hi all,

 

Let's say I've got a directory at www.mywebsite.com/images/  and this contains all my site's images.  Obviously I don't want people being able to link directly to that directory and see the different files there, I want them to get an 'error not found' message or something along those lines.

 

So I went into my host panel (I use HostGator) and clicked 'password protect directories'.  This works, except that every single page of my site then asks for a username/password because the page is accessing the images from that directory.  So that's not gonna work.

 

Is there an html way to do what I want?  Thanks in advance.

 

 

 

[rhodesa]

Do a search for "stopping image hotlinking"

 

also, check out this site: http://altlab.com/htaccess_tutorial.html

[vozzek]

Very cool, thanks much.  I definitely want to stop the hotlinking.

 

Still, could I put an index.html file in the directories I want to protect, with a re-direct back to my main page?  Wouldn't that protect the individual directory from being looked at?

 

And would web-browsers frown upon such multiple index pages and/or redirects?

 

[bronzemonkey]

This is a really interesting question. I'd also be interested in how to prevent directories being viewed without preventing access to the webpages that rely on files found within those directories.

[rhodesa]

in the .htaccess file, add this line:

Options -Indexes

 

That should prevent people from seeing those autogenerated directory indexes

[bronzemonkey]

thanks, appreciate the info.