Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

[Apache] Forbidden Directory

Newbie Spellweaver
Joined
Apr 30, 2009
Messages
42
Reaction score
0
No doubt that this is going to be a stupid question but it's been bugging me so I will ask.

I have a directory on my server called /images and I want the images in that folder to be hidden with a Forbidden page that also says You don't have permission to access /images on this server.

:blush:
 
Last edited by a moderator:
0xC0FFEE
Loyal Member
Joined
Dec 24, 2006
Messages
1,655
Reaction score
477
Re: Forbidden

You gould just make a empty index.html and put it in your images folder.
 
Joined
Jun 8, 2007
Messages
1,985
Reaction score
490
Re: Forbidden

You gould just make a empty index.html and put it in your images folder.
That won't stop anyone from seeing the images in that directory.

Merlin is right. As in, the '.htaccess' file will only work on Apache servers, and if you have permission to use .htaccess...... If you have any kind of paid host, pretty much, you can most-likely do this..

I sort of assume that after working with PHP developers so often, recently.. :blushing:
 
Experienced Elementalist
Joined
Apr 15, 2008
Messages
256
Reaction score
0
Re: Forbidden

That won't stop anyone from seeing the images in that directory.

Merlin is right. As in, the '.htaccess' file will only work on Apache servers, and if you have permission to use .htaccess...... If you have any kind of paid host, pretty much, you can most-likely do this..

I sort of assume that after working with PHP developers so often, recently.. :blushing:
Doesn't that deny from all including himself?
I think he just wants the contents hidden, not to deny access from the images themselves.
If so, just make index.htm and upload it, this will not allow anyone to see the contents of the folder, but if they know the url then they can view the image.
 
Ginger by design.
Loyal Member
Joined
Feb 15, 2007
Messages
2,340
Reaction score
653
Re: Forbidden

Assuming apache, you can use Options to disable Indexes, and if it's on linux, removing the execute flag on the folder for the user/group/owner (whatever the www user you have is) will prevent the web server from being able to produce a list of files.

 
Joined
Jun 8, 2007
Messages
1,985
Reaction score
490
Re: Forbidden

You'll probably be able to secure how Merlin said with an FTP client ;) You might be able to do it that way even if you can't use .htaccess.

However, the way I mentioned is the only way I know of to get exactly what you're asking.

To my understanding, the OP wants a 403 error message on all files in the 'images/' directory when accessed by a client/browser, including the directory itself.
No doubt that this is going to be a stupid question but it's been bugging me so I will ask.

I have a directory on my server called /images and I want the images in that folder to be hidden with a Forbidden page that also says You don't have permission to access /images on this server.

:blush:

He can still get to the images through FTP, host, server-side code (such as PHP), etc. When a client/browser sends a request for anything in that directory, the server returns a 403 (permission error) instead of the requested.. image, in this case.
:thumbup1:

What that permission error says, could rely on the host, a default value, or a custom error page (which can be done quite simply in .htaccess as well)
 
Infraction Baɴɴed
Loyal Member
Joined
Apr 9, 2008
Messages
1,416
Reaction score
169
Re: Forbidden

your talking about hot-linking and the .htaccess file can achieve that.

take a look into this site: .

just googled it, check and save google as a favorite because it will become your best friend.
 
Joined
Jun 8, 2007
Messages
1,985
Reaction score
490
Re: Forbidden

The keyword "Forbidden", is a 403 HTTP error,
http://en.wikipedia.org/wiki/HTTP_403 said:
The 403 Forbidden HTTP status code indicates that the client was able to communicate with the server, but the server will not let the client access what was requested.

This response is returned by the Apache web server when directory listings have been disabled. Microsoft IIS responds in the same way when directory listings are denied. This response may also be returned by the server if the client issued a WebDAV PROPFIND request but did not also issue the required Depth header, or issued a Depth header of infinity[1].
I figure the above is what the OP wants to do with the images directory.

Though trying to prevent Hotlinking (which might be ideal to prevent other web-sites from eating up bandwidth via image requests), might be more specific to the problem. However, it won't protect the images from the client/browser, and can still be downloaded/viewed. If the OP doesn't mind that, (and/or if securing the directory ruins the site's appearance) then preventing "Hotlinking" is a better solution.

If you want the browser to say "Forbidden" when a client requests the directory, but still want the images to work, you can, (as stated above) create an index file that says whatever you want.. (Like "Forbidden" :)

There, all the solutions you could ever want.
 
Last edited:
Newbie Spellweaver
Joined
Apr 30, 2009
Messages
42
Reaction score
0
Re: Forbidden

Thanks for all of the help, but it's not what I was looking for. I want the folder to be forbidden to see what is in it, but the image can be linked with my css to make the layout.

Oh and yes, I'm using Apache/2.2.11.
 
Newbie Spellweaver
Joined
Dec 31, 2008
Messages
91
Reaction score
32
Re: Forbidden

Well, I think the only way is to use a fake index page.
 
Joined
Jun 8, 2007
Messages
1,985
Reaction score
490
Re: Forbidden

Thanks for all of the help, but it's not what I was looking for. I want the folder to be forbidden to see what is in it, but the image can be linked with my css to make the layout.

Oh and yes, I'm using Apache/2.2.11.
Unfortunately, if you deny access to all the images, it will break the images in your stylesheet. It's kind of a one-way street. There may be a work-around though- Do you mind me asking why (for what purpose) do you request to secure the images directory?

If there's some images you want to keep secure, and others you want public, consider making a new directory for the secure ones, and putting the .htaccess file to deny access to those files. You can use PHP to dynamically copy and display the secure images, though it takes a significant amount of time, so it's not recommended for common tasks.

You can use an index file to prevent the automatic file-browser some hosts provide for default directories from coming up.

If you want to prevent people from stealing your images, there's no way to let them view the image. (The way a browser works, is before you see it, the file must be downloaded). Since everything you see through a client is on your computer at that point, if you want them to see the images, they must have the right to download them. Just the way it goes with computers, unfortunately. :closedeyes:

Perhaps you just need to be a little clever with the technology we do have? :p:

Again, why (for what purpose) do you request to secure the images directory?
 
Last edited:
Skilled Illusionist
Joined
Apr 6, 2007
Messages
384
Reaction score
2
Re: Forbidden

As has been said multiple times, what you want to do is stick a blank index.html in there and you'll be good. Using a PHP script to load images and output them puts unnecessary load on the server for just viewing an image.
 
Ginger by design.
Loyal Member
Joined
Feb 15, 2007
Messages
2,340
Reaction score
653
Re: Forbidden

How about
Code:
Options -Indexes

Assuming apache, you can use Options to disable Indexes, and if it's on linux, removing the execute flag on the folder for the user/group/owner (whatever the www user you have is) will prevent the web server from being able to produce a list of files.


>.>

5chars
 
Back
Top