next »

[gi joe]

Anyone got a template for this file.  I've forgotten how to use it but want to use it to block the listing of me sites directories.

[corroded]

You can do that with Apache directives, do you have access to that?

[gi joe]

?

Don't know.  It's on my hosting company, they use cpanel, don't know if it's in that.

[corroded]

Put in a ticket to do it, I would imagine you are on a VPS? It really should be off by default anyway.

But...

http://www.ivankristianto.com/web-development/server/howtoturn-off-directory-listing-in-apache-web-server/141/

Does the trick apparently.

[gi joe]

I'm with Ariotek.  If I raise a ticket for it they'll probably tell me I shouldn't be managing a website if I can't manage it myself.  They've been that sarcastic before.  Fuckers.  But can't complain as they are cheap, and because they are a small unit their customer service is actually 100%, but as they are geeky they are sometimes sarcastic with it

I'll have a look at that link, thanks

[corroded]

I find 'I need this for [technical reason]' tends to work quite well for that.

Really, the I want it off for security reasons should do. If they are that sarcastic when dealing with a civil request, about something that... say... should be off, maybe you know why they are cheap... cos they are a bit pony =]

This said, a company I deal with today managed to completely misread a bug request... and fixed something to a broken state, and didn't fix the broken thing. So it's now actually... slightly more broken than it was.

[gi joe]

Nice.

I posted on their forum once that maybe it's because they are Scottish (they are based in Scotland).  That joke didn't go down too well they deemed it racist

Tits.

I think Keasy or Wooster use them as I think they were the ones I recommend once.

[gi joe]

Put in a ticket to do it, I would imagine you are on a VPS? It really should be off by default anyway.

But...

http://www.ivankristianto.com/web-development/server/howtoturn-off-directory-listing-in-apache-web-server/141/

Does the trick apparently.

Thanks.  Wasn't sure abotu the Apache bit.  Found it in CPANEL but still not sure.  Followed the link, still not sure but basically done what it's said now I believe.  Just create a .htaccess file and only stuck

Options -Indexes

in it.  And that seems to have done the job.

Thanks.

[digidix]

Is that all?

 

Options -Indexes

[gi joe]

Is that all?

 

Options -Indexes

Appears so.  File has to be called .htaccess

[digidix]

Is that all?

 

Options -Indexes

Appears so.  File has to be called .htaccess

Yeah, I know that file, tells where the php directory is

[gi joe]

I don't know about that.  I'm no expert but just assumed it was an access control file.  You can put other stuff in there to password protect folders.  php files don't need to be in the directory its in.  You can use it on any plain, non php website too.

[corroded]

Is that all?

 

Options -Indexes

Appears so.  File has to be called .htaccess

Yeah, I know that file, tells where the php directory is

actually, that's http.conf

I don't know about that.  I'm no expert but just assumed it was an access control file.  You can put other stuff in there to password protect folders.  php files don't need to be in the directory its in.  You can use it on any plain, non php website too.

They generally inherit through to sub folders, but if you put one in a lower directory, it takes precedence over the parent .htaccess. Though, it's a bad idea to put them in too many directories, especially upload directories, someone could theoretically overwrite the .htaccess... certainly if it had the wrong permissions on it... and with some bad file type validation, have them uploading php files, or whatnot.