homepage Welcome to WebmasterWorld Guest from 54.196.77.82
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / New To Web Development
Forum Library, Charter, Moderators: brotherhood of lan & mack

New To Web Development Forum

    
Need index page for sub-directory?
RonSolo




msg:3758444
 10:55 pm on Oct 3, 2008 (gmt 0)

Is it common practice to place an index page in a sub-directory? The index page acts as a "home" page for that directory. For example, a site has a directory called "Articles" with a number of article web pages. Should there be an index.htm in the Articles directory? What happens if there's no index file?

Thanks,
Ron

 

Quadrille




msg:3758497
 1:18 am on Oct 4, 2008 (gmt 0)

You don't have to, but if you do, it gives you a page called example.com/folder/ rather than example.com/folder/file.html, which is neat.

Depending on your server setup, if you DON'T do this, your server will substitute a file list at that URL, which can be a security risk.

mack




msg:3758499
 1:22 am on Oct 4, 2008 (gmt 0)

The index file is important. If a user goes you yoursite.com/yourfolder/ and there is no index file they will receive a 404 page not found message. Even if you have a folder filled with articles and each article is linked to from other pages it is still good practice to have an index file in each directory.

Lets imagine your site is about cars, you have a folder called "engines". I might get to that folder by following a link to a page about ford engines...

engines/ford.html

This might be of interest so I then decide to delete the ford.html so see what other information you have and get a page not found. The index page could have been used to allow me to see all the pages available. By default some servers, if not most! will show a directory index. "Index of" page. These are very unprofessional, you can make a simple html page to link to your pages within the folder.

Mack.

RonSolo




msg:3758502
 1:31 am on Oct 4, 2008 (gmt 0)

Thanks guys!
I have, in fact, come across site folders without an index file and it will show an index of all the files there. Certainly not professional and maybe a security risk. Just wasn't sure what the common practice was, but it seems prudent to create an index file for each sub-directory.

Thanks again!
Ron

Quadrille




msg:3758531
 2:56 am on Oct 4, 2008 (gmt 0)

Even for images!

mack




msg:3758645
 12:58 pm on Oct 4, 2008 (gmt 0)

with image directories what I generaly do is create a simple index.html file and place a meta refresh to point the user to the site homepage. This prevents users viewing images without the content.

Mack.

g1smd




msg:3758646
 1:02 pm on Oct 4, 2008 (gmt 0)

For images, styles, scripts, and other such folders I add a line to .htaccess that stops any viewing of file lists, or of any index page in those folders.

rocknbil




msg:3758691
 3:58 pm on Oct 4, 2008 (gmt 0)

FYI this is called directory indexing and is managed by one of the configuration files on your server. For example, if your directory indexing is set to: index.html, index.htm, home.html, index.cgi, it will look for the first one, if not found, the next, and so on. You can easily add other index types to this configuration: index.php, index.asp, etc.

I have, in fact, come across site folders without an index file and it will show an index of all the files there.

Also part of the server configuration - what you should get here is a server error message, "Directory Indexing Not Allowed" (paraph.) If you can't get this changed, putting the index file in that directory is a fix, but it may be indicative of other small oversights that add up to security issues.

RonSolo




msg:3758700
 4:47 pm on Oct 4, 2008 (gmt 0)

g1smd: can you show an example of a line that you would add to your .htaccess that would stop the viewing of file lists for images and scripts?

Are there any good books or resources to learn more about server configuration, management, good habits, tips and tricks?

g1smd




msg:3758703
 5:00 pm on Oct 4, 2008 (gmt 0)

There are other ways, using DirectoryIndex etc, as suggested above, but sometimes I use this:

RewriteRule ^scripts/?$ /this.file.does.not.exist [L]
RewriteRule ^styles/?$ /this.file.does.not.exist [L]
RewriteRule ^images/?$ /this.file.does.not.exist [L]

which can be simplified to:

RewriteRule ^(scripts¦styles¦images)/?$ /this.file.does.not.exist [L]

There's already a redirect in place which strips any named index file filename off the URL request.

With this, they don't get a "there's a folder here and you are not allowed to look at it" message, they instead get a "that thing doesn't exist" error message.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / New To Web Development
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved