Best way to prevent directory viewing on a hosted domain?

Commissario
Joined
16 Oct 2002
Posts
343,958
Location
In the radio shack
What's the best way to do this, to stop people pulling up a directory listing on a domain?

I can create a .htaccess file and the two options I've found are either

Options –Indexes

or

IndexIgnore *

Both work, the first one returns a server error when I go to a directory

"Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request."


The second just returns an empty index.

Is either one better than the other, or is there a different way for me to do this?

 
Yeah, that works but just needs faffing about in each directory. It'll do though, ta.
 
It's what Wordpress/phpBB do...

Well, technically Wordpress use an index.php with the following contents:

PHP:
<?php
// Silence is golden.
?>
 
Don't you have cPanel?

Just go to Index Manager, click on a folder, and hit "No Indexing". Any sub-directories automatically become the same as the parent folder.

If you want a custom error page go to Error Pages, and edit the code for "403".
 
Last edited:
In .htaccess add these lines

Code:
DirectoryIndex index.html index.php /index.php
Options +FollowSymlinks +IncludesNOEXEC
This will look for a html or php file named index in the current directory or failing that load the index.php in the root directory. Replace php/html with whatever file extension you like.
 
Don't you have cPanel?

Just go to Index Manager, click on a folder, and hit "No Indexing". Any sub-directories automatically become the same as the parent folder.

If you want a custom error page go to Error Pages, and edit the code for "403".

Second, thanks for this, I didnt know getting those disallowed index pages to redirect to somewhere useful would be so easy :)
 
Back
Top Bottom