I have a WordPress site, let’s say it’s on http://awesome.site. On this site I’ve created a page with url awesome.site/page.
Now I wish to include a physical file named “file.txt” so it’s url would be awesome.site/page/file.txt. How to do that?
Of course, if I create a folder /page and place a file.txt inside it – WordPress wouldn’t show the content at all. My physical file.txt is currently located inside /stuff directory – current full path is: awesome.site/stuff/file.txt
Related
I just uploaded files to my website with FileZilla. When I type websitename.com nothing shows up, but when I type in websitename.com/filename.html then my website appears how I want it to. But how do I make my website appear when I just type websitename.com?
Do you have an empty file called index.html (or any file named index) in your site root (the folder that www.site.com contains its first level of files)? If so, that's your problem.
If no index file exists, rename the file that is your homepage to index.html.
Using website grabbers whole website with folder structure can be downloaded.
Is there any way to prevent this?
If so,how?
The only way to protect a websites markup is not to publish it. If you want your users to see something they need to get the HTML markup and the images, that should be displayed. And therefore the files need to be accessible. And if your files are accessible every user/bot/crawler/grabber can save these files.
The best way is to put a few files like the index page in the main directory and call the other sub pages in it. If using php then you may do the following.
Say keep the index.php in the main folder and keep the homepage.php in a directory called includes and use the homepage in the index.php via include function in php.
Now add a .htaccess file to the includes folder which must contain
"deny from all"
This way users can use the page but will not have direct access to the files. So will be for the grabber.
I want to block the direct access to directories in the www folder of my wamp server so that no one can directly access the files which are residing there.
Example:
There is a folder in www named "folder". This folder contains a file "page.php" and several images and css files. There is no index file in this folder. Now when the user enters ..../folder/ whole directory will be accessible to user. But I want to hide the directory list from user. But page.php should be accessible when opened through the any other page (via hyperlink)
Please help!
The way you describe it, you probably still want those items to be accessible so that pages referencing those files will still load. You just don't want Apache to list out the files when navigating to that folder.
Apache calls these pages "directory indexes". You can turn it off for a specific folder (and sub folders) by adding to the .htaccess file for that folder an entry:
Options -indexes
More details on the Options directive and .htaccess files here:
https://httpd.apache.org/docs/current/mod/core.html#options
I have my .htaccess file, and I have a folder with config files in there, and they contain sensitive content, e.g. database details etc. What I would like to know is, how can I block access from a browser, but allow them to be accessed via my scripts?
I know that this can be achieved inside the PHP files themselves, but I'd rather use the .htaccess approach where possible.
Is this actually able to be done? I've attempted it before, but in the process of denying access to the file from the browser, it also denied access from the coding.
I have looked into this before, and some of the answers I came across suggested changing the extension to something like .inc, and then denying access to that. However, a couple of issues I have with that is that a) It instantly alerts anyone that can see that filename, for whatever reason, that it is a config file. Also, b) If my denial code breaks, browsers will not parse it as a PHP file, but rather an inc file, meaning it will print the code in the browser.
Basically, can this be done within a .htaccess file, or do I need to put something in the header of every config file?
Put these files outside of your web server's document root.
You can still access them via your server-side scripts, but this ensures no direct access to them from the outside world.
The conventional advice is to place such files "outside of your web server's document root". This is all well and good, but many shared hosting offerings only give write access to your public_html directory.
I use a simple convention: any private content (that is not URI addressable) is prefixed by an underscore or in a directory that's name is prefixed with an underscore (eg. _private or _include). I then include this rewrite rule in my DOCROOT .htaccess file:
# if a forbidden directory or file name (starting with a . or /)
# then raise 404 Fatal return
RewriteRule (^|/)[_.] - [F]
Remember that you'll need to prefix with a RewriteEngine On and/or include this at the top of any .htaccess file with the engine enabled.
Note that the "." prefix picks up files such as .htaccess.
Please use a framework, these kind of issues just doesn't need to exist. If you insist though, write a .htaccess to redirect every request to a single index.php in the root directory, which then have more logic to determine whether or not the request is for a valid file and include them, otherwise generate 404 or 403. If you need performance for static files, then use RewriteCond to exclude specific directories or file type from the index.php check.
I installed Drupal on my website. It works perfectly but to reach the front page I'm systematically redirected to a page called "Index of" and I have to click on the subfolder drupal-7.12/ to reach the front page. So, the real url for my website i guess is
http://www.mysite.com/drupal-7.12
On my ftp server is organized like this:
Folder public_html
-> Folder drupal-7.12 + a file .htaccess
There is another .htaccess file inside the folder drupal-7.12
I know that I have to modify one of them but i don't know which one and what i have to modify ?
I hope that someone will understand my problem and could help me
Thanks
ML
I would suggest that you remove the folder in drupa.7.12 and move everything up one directory. Basically you are set up as:
Mysite/drupal7.12
move all the contents of drupal 7.12 up one directory to your public_html folder
Or you need to edit the htaccess in the public_html folder to redirect you to that folder. But that is going to cause some issues in the long run.