Comments on: Apache Tips & Tricks: Deny access to some folders

By: Un peu de tout » Archives du Blog » sécurisation d’un serveur Apache : configuration

Sun, 29 Nov 2009 04:25:46 +0000

[...] Apache Tips & Tricks: Deny access to some folders [...]

By: - Marius -

- Marius - — Sun, 18 Oct 2009 10:20:21 +0000

@Vlad: you can do that with the same syntax as in my example of this post. Just put it inside your vhost, and replace .svn with music. hth.

By: Vlad

Vlad — Wed, 14 Oct 2009 12:22:33 +0000

Halla.
I do have the same problem like renjitha and to be honest I didn’t understand the part with disabling indexes. My problem sounds like this:
I do have a website and and some music files on to it in a specific folder (music folder in this situation). If I open the browser and type http://www.mypersonaldomain.com/music/ I can see the music files there(.mp3 files) and I also can download them.
Now.. I don’t really want that. I just want to close access on that folder and files from it. How can I do that ?
Where can I disable the indexes and how ?
Thanks in advance.

By: Week In Links – 8/21/2009 Pointless Rants

Week In Links – 8/21/2009 Pointless Rants — Fri, 21 Aug 2009 23:49:39 +0000

[...] http://www.ducea.com/2006/08/11/apache-tips-tricks-deny-access-to-some-folders [...]

By: renjitha

renjitha — Mon, 27 Jul 2009 15:19:43 +0000

Oh… i got it Marius..

thanks !!!

Regards
Renjitha

By: - Marius -

- Marius - — Mon, 27 Jul 2009 14:06:09 +0000

@renjitha: yes, i understood what you meant. Disable indexes on that folder (add -Indexes to your Options line in that folder) like:
Options -Indexes
(etc. whatever other options you might have there add them on the same line).

Cheers,
- Marius -

By: renjitha

renjitha — Mon, 27 Jul 2009 13:49:02 +0000

hi marius

sorry.. i didnt understand your answer

i will explain the scenario..
take this site as example :
http://www.ducea.com/2006/08/11/

if we remove ‘/11′ from above url we can access the other page…
ie, we can see the content of the url http://www.ducea.com/2006/08/

again if we remove /08 we can see the content of http://www.ducea.com/2006

and so on…

For my site i am storing all the images(also uploaded photos by the user) in the ‘images’ folder

if anyone types http://www.domain.com/images in the browser, he can see all files and directories in the ‘images’ folder and he can download my files…

i want to deny this access..
is there any way to do this…?

regards
renjitha

By: - Marius -

- Marius - — Mon, 27 Jul 2009 10:57:03 +0000

@renjitha: it seems to me that you are looking to disable the indexes on that folder, and not the access to the files right? -Indexes is your friend. hth.

By: renjitha

renjitha — Mon, 27 Jul 2009 05:00:04 +0000

i want to deny the access of a folder images
path is “/www/images”

how can this done?
if we use .htaccess, doest it allow the web user to get the page? (i am using images folder to store all images that wanted for the website)

so my requirement is, when a web user types http://www.domain.com/images he will not able to get the access to images folder. i think you have got it, rt?

Please help me..

Regards
renjitha

By: - Marius -

- Marius - — Wed, 24 Jun 2009 20:30:32 +0000

@Bunkai: even if this was not the intent of this post and .svn was just an example, it works as you want it to (first solution). If this doesn’t work for you please check out if other rules in your apache interfere or overwrite this one.