/    Sign up×
Community /Pin to ProfileBookmark

Restricting Access to Parent Folder (Apache)

Copy linkTweet thisAlerts:
Apr 20.2012

Hello,

I’ve got a site running on my local machine (apache) and I’m wondering if any of you could tell me how to block access to the parent folder. I’m assuming it’s something in httpd.conf ?

For example in my htdocs folder I have the ‘mysite’ directory and within that folder page1, page2, page2 etc… I do not want someone to be able to enter example.com – they should only be able to access example.com/mysite and any sub directory.

Any help would be much appreciated!

PS: I’ve got the site running on localhost and accessible publicly via dynamic DNS name. This is for a course and that is how we’ve been asked to configure it. I just don’t want people to be able to see everything in my localhost but don’t want to turn directory browsing off for any sub folders.

to post a comment
PHP

6 Comments(s)

Copy linkTweet thisAlerts:
@NogDogApr 20.2012 — You can put an index.php file in that top directory with something like:
[code=php]
<?php
header("HTTP/1.0 404 Not Found");
[/code]
Then make sure your Apache config will process that as the default file, e.g.:
<i>
</i>DirectoryIndex index.php index.html index.htm
Copy linkTweet thisAlerts:
@aj_nscApr 20.2012 — Of course that doesn't restrict access to the parent directory, it just gives a 404 error if somebody tries to go to that directory without a file specified - like http://example.com.

If you've got an asset in there like myimage.gif then people will still be able to access it by typing in http://example.com/myimage.gif.

If you've got stuff in the web root directory that you don't want outsiders to access, then preventing them from accessing it is simple - don't put it in the web root! Stick it in some folder above the web root.
Copy linkTweet thisAlerts:
@MaxAvionauthorApr 20.2012 — Thanks for the replies guys!!

You can put an index.php file in that top directory with something like:
[/QUOTE]

I think that would be the simplest route so probably what I'll end up doing!

Of course that doesn't restrict access to the parent directory, it just gives a 404 error if somebody tries to go to that directory without a file specified - like http://example.com.

If you've got an asset in there like myimage.gif then people will still be able to access it by typing in http://example.com/myimage.gif.
[/QUOTE]

This was actually the problem that I was trying to avoid. I don't want them to be able to go to example.com/some_other_folder_or_file if they know that the path exists. Anyhow I think I'll just work with this for now.

I'll use both suggestions; index.php in document root and the rest of the folders in other dirs.

Thanks again!
Copy linkTweet thisAlerts:
@GettingSmartApr 21.2012 — With a htaccess file you are able to deny access..

If you have a htaccess file with the following content:

[CODE]deny from all[/CODE]

No one will be able to access the content in that folder by browser.

Although it will be possible to include it.
Copy linkTweet thisAlerts:
@MaxAvionauthorApr 21.2012 — With a htaccess file you are able to deny access..If you have a htaccess file with the following content:

[CODE]deny from all[/CODE]

No one will be able to access the content in that folder by browser.

Although it will be possible to include it.[/QUOTE]

Hey that is great thanks and I think that would work well.

Would they be able to access any sub-folders in that directory? For example I only want them to be able to view example.com/mysite1 - if I have example.com/mysite2 would they be able to see that or are they simply blocked from seeing the contents of example.com/
Copy linkTweet thisAlerts:
@GettingSmartApr 22.2012 — Hey that is great thanks and I think that would work well.

Would they be able to access any sub-folders in that directory? For example I only want them to be able to view example.com/mysite1 - if I have example.com/mysite2 would they be able to see that or are they simply blocked from seeing the contents of example.com/[/QUOTE]

I think they are able to see subfolders. But I'm not sure about that.
×

Success!

Help @MaxAvion spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.7,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...