November 29th, 2012, 09:51 AM
Accessing website root directory
Hi guys, just a quick question.
I am developing a website at the moment and just wondered whether or not it was possible to access a folders root directory/files from the browser directly.
And if there is, no i dont want it, thats not what im after.
I have a password protected area that is monitored by using session variables, however the files have no protection.
The only method i can think of at the moment is just including an index.php file in each of the folders that displays a forbidden message.
Should i be password protecting these folders and is that even possible?
November 29th, 2012, 10:03 AM
ok so i just seen that i cant access the root directory when it is hosted due to restrictions, its only on my localhost I can.
But if someone finds out the direct url of the file they could still access it, how can i stop this?
November 29th, 2012, 05:28 PM
The two easiest ways are:
1. Store your files outside of the web root, and use a script to transfer them to the users when they are authorised to view/download them.
2. Set up a .htaccess file that blocks all access to that directory.
There's tutorials for both of those around the net that you can find without any effort at all, so have a look and see what you can do.
November 29th, 2012, 08:26 PM
This question needs added to the faq
November 30th, 2012, 12:18 AM
Yeah, this is a good candidate for a FAQ. Which FAQ do you mean?
Originally Posted by E-Oreo
December 4th, 2012, 08:14 PM
I was thinking of the PHP FAQ actually, specifically for this question:
That question seems to come up pretty frequently.
December 5th, 2012, 05:07 AM
Thanks alot peeps, i'll look into it.
Apologies for not finding a thread with the answer on beforehand
December 5th, 2012, 07:32 PM
I meant actually that I should write one, didn't mean to imply that you should have found one. Hopefully I'll get around to it by the time it's still useful to you.
January 17th, 2013, 06:39 AM
I think there is no solution to this one. Everybody is wasting time.
Comments on this post