I have a "site" setup to allow myself some "public" downloads.
So in the root folder of the site I have an htaccess file containing
Options +Indexes
IndexOptions +FancyIndexing
Inside the site I have a couple folders with files for downloading, etc...
How can I disable the ability to get into the parent folder once inside one of these folders?
For instance...
http://o7thwd.com/dl/Mine
I'd like to prevent the Parent Directory from showing and being able to do anything...
Remove the .htaccess file from the site's root folder.
Put the following (same as in your question) in .htaccess file in every sub-folder that needs to be public:
Options +Indexes
IndexOptions +FancyIndexing
Related
I want to allow directory listing in all sub folders inside folder root, but the root folder should not be able to be directory listed. but i wish to do this with just 1 htaccess file in the root folder, not having to place a Options +Indexes htaccess file in each sub folder.. is this possible?
The best solution for this is to create an index file in the root folder. If you do not have an index file, you can use mod-rewrite, the following rule in your htaccess to deny directory listing for the root.
RewriteEngine on
RewriteRule ^$ - [R=403,L]
Hello i have static html site in the root folder ex: www.example.com . and WordPress site in sub-folder ex: www.example.com/blog so where to put htaccess file in root or subfolder. and how to configure single htaccess file to work for both site.
It depends on what you have in this htaccess file. If it's the Wordpress file, put it in the subfolder.
Anyway, you can have an htaccess file in both directory, the one in the subfolder will ovveride any file in parents directories.
I'm running WAMP on my Win7 box and trying to configure an htaccess folder to restrict my guests from browsing the directory structure.
Right now, if you head to http://grovertechnologysolutions.com/Technical, it will list the directory structure which I do not want. They should be only able to get to the .html site.
I've already modified the httpd.conf file to remove the commented out rewrite mod.
I've added the htaccess file to the documentroot of my website.
My htaccess file looks like this:
options -indexes
# or #
IndexIgnore *
I've restarted all services multiple times.
Should the htaccess be in the WWW folder or the document root? I run many websites virtually and only care about my main site, so I've been placing the htaccess inside that folder, but have tried www as well.
I'm assuming you've edited the proper .htaccess file in the website's DocumentRoot folder.
Options -Indexes
The above will only work if your particular WAMP's configuration and the website's VirtualHost file has the proper AllowOverride value set, such as...
AllowOverride All
Check the website's VirtualHost file, and/or httpd.conf's for something like...
<Directory "C:/WampDeveloper/Websites/www.example.com/webroot">
Options All
AllowOverride All
order allow,deny
allow from all
</Directory>
If it's not set to All nor lists Indexes, that .htaccess line is going to get ignored.
I've already modified the httpd.conf file to remove the commented out rewrite mod
mod_rewrite has nothing to do with this.
I've restarted all services multiple times.
.htaccess files are re-read on every request. You don't need to restart Apache.
http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride
I have a wordpress site running, and currently anyone can view the uploads directory by visiting
http://site.com/wp-content/uploads
I want to stop this directory from being viewed in a browser but I want a subfolder to be viewable (eg. http://site.com/wp-content/uploads/PublicUploads). I have tried setting
IndexIgnore *
in the uploads folder, but I cannot work out how to set the sub folder back to visible.
Any help would be appreciated
Most people use
Options -indexes
To make a subdirectory visible again, you'll need to put a .htaccess file inside that subdir, with Options +indexes inside it.
Using mod_rewrite you can block direct access to wp-content/uploads directory like this:
RewriteRule ^wp-content/uploads/?$ - [F,NC]
Keep in mind that this will only block browsing of /wp-content/uploads contents but will allow /wp-content/uploads/PublicUploads or any /wp-content/uploads/foo.
In my application I have separate spaces for user and admin like
if www.example.com is my website, then www.example.com/admin is my admin URL.
I am using a .htaccess file in my root, and it affects some of the functionality in my admin folder, which I don't want to.
For example, consider below is my folder structure
..
.htaccess
index.php
admin
So if I don't want the .htaccess rules to apply within the admin folder, is there any way?
For people that don't have direct access to httpd.conf (shared hosting for example), just put another .htaccess file in the subfolder and set to the desired behavior.
You should be able to do this, but it does require write access to the httpd.conf configuration.
If you have access to the httpd.conf file, something like
<Directory /admin>
AllowOverride None
</Directory
should do the trick.
Also, note that using .htaccess files in the root directory (as you said you did) is not a recommended approach. You'd be better off moving the contents of the htaccess file into the proper contexts of the httpd.conf file.
More information can be found at http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride