cambiar el permiso de seguridad en un sitio web

I have a website that is working properly.I dont know when I do "Domain-name.com/images" It shows me all the images in the images folder present at my site.I dont know why is this.may be this is due to the Directory permissions?But I want to ask know the actual reason behind it Help will be appreciated. Note:I am tagging Php and Html because these people might faced this thing while creating website.

preguntado el 31 de enero de 12 a las 08:01

4 Respuestas

This is because there is no index file in the folder, and Apache (assuming Apache) is set to do directory indexes.

Either create an empty index.html or add the following in either apache2.conf (or httpd.conf) or in a htaccess file:

Options -Indexes

Respondido el 31 de enero de 12 a las 12:01

Creating an empty index file will not be a good solution.however the second one worked out.If I want to redirect the user to the homepage if he tries to domain-name/images,then I ahve to create an index file.right? - requerir una vez

You could use either a rewrite rule or an index file. Unless there's a lot of directories you want to do this for, I would just use an index file. - Corbin

You can restrict the folders using .htaccess.

Create .htaccess file in you website root folder and add the following code in it.

RewriteEngine on
RewriteCond $1 !^(css|js|images)
RewriteRule ^(.*)$ index.php/$1 [L]

Respondido el 31 de enero de 12 a las 12:01

Using a rewrite for this seems like overkill. Why would you not just disable directory indexes? - Corbin

You have made the assumption that their web server is Apache. This would not work if they are using Microsoft IIS. - Jeff

When the poster doesn't specify, it's Apache 95% of the time. - Corbin

This is a problem with the configuration of your web server which allows directory listing for your image folder. E.g. on Apache, the most common server software, you would switch it off in the httpd.conf with the directive Options -Indexes en un parche de directory .

Respondido el 31 de enero de 12 a las 12:01

To answer your question: yes. If it's a web accessible directory meaning it resides in the typical webroot folder such as public_html, www, etc and the permissions on the folder are open then anyone can see the contents.

Respondido el 31 de enero de 12 a las 12:01

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.