Accessing website root directory

Hi guys, just a quick question.

I am developing a website at the moment and just wondered whether or not it was possible to access a folders root directory/files from the browser directly.

And if there is, no i dont want it, thats not what im after.

I have a password protected area that is monitored by using session variables, however the files have no protection.

The only method i can think of at the moment is just including an index.php file in each of the folders that displays a forbidden message.

Should i be password protecting these folders and is that even possible?

Cheers

ok so i just seen that i cant access the root directory when it is hosted due to restrictions, its only on my localhost I can.
But if someone finds out the direct url of the file they could still access it, how can i stop this?

The two easiest ways are:

1. Store your files outside of the web root, and use a script to transfer them to the users when they are authorised to view/download them.

2. Set up a .htaccess file that blocks all access to that directory.

There's tutorials for both of those around the net that you can find without any effort at all, so have a look and see what you can do.

This question needs added to the faq

Yeah, this is a good candidate for a FAQ. Which FAQ do you mean?

I was thinking of the PHP FAQ actually, specifically for this question:


That question seems to come up pretty frequently.

Thanks alot peeps, i'll look into it.

Apologies for not finding a thread with the answer on beforehand

I meant actually that I should write one, didn't mean to imply that you should have found one. Hopefully I'll get around to it by the time it's still useful to you.

I think there is no solution to this one. Everybody is wasting time.