I've got the following problem.

A webiste is hosted.

lets say the url is
http://example.com/_include/products.html

(The include folder contains images and other html files etc.)

So here is the problem, anyone can just remove the "products.html" from the url then we have
http://example.com/_include/

If someone does this they can access all of the contents within my "_include" folder

How do i prevent this?
Any help/suggestions would be appreciated

Thanx :)

Recommended Answers

You might be able to disable directory browsing in your web server's configuration. Visitors should then see an HTTP 403 error page instead.

Another option would be to redirect requests for the URL to products.html, or some other page.

If a web server finds a default web page located in …

Jump to Post

All 2 Replies

You might be able to disable directory browsing in your web server's configuration. Visitors should then see an HTTP 403 error page instead.

Another option would be to redirect requests for the URL to products.html, or some other page.

If a web server finds a default web page located in the directory it will serve that instead of a directory listing. Default web pages are typically named something like 'index.htm', 'default.aspx', or 'index.php'. It depends on your configuration.

So, if you wish to prevent visitors from browsing a directory, you might get away with simply dropping in an empty default page.

Which web server are you using?

Hi there
Thanx for the reply

I have altered my htaccess file on the server.
Now when a user tries to access a directory it gives the 403 error

Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.21 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.