1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 12:28 pm May 2, 2026

Forum Moderators: phranque

Message Too Old, No Replies

Disallowing directory browsing for the users

         

kaidok

7:51 pm on May 20, 2009 (gmt 0)

10+ Year Member



I want to avoid that the user can browse through my folders even in the ones he's allowed access.

I mean, let's say that I've a /usr/local/apache/htdocs/website folder of course it must have public access, but I don't want the user to put on his navigator bar domain/website and seeing their contents. How can this be avoided? I've seen a place that tells the following to avoid it:

<Directory />
Order Deny,Allow
Deny from all
</Directory>

But that doesn't serve al all, any idea?

jdMorgan

1:27 am on May 21, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



See Apache core Options [httpd.apache.org] directive: 

 Options -Indexes

Other alternatives include:

1) Putting an index file in each subdirectory (possibly with a meta-refresh in the page's <head> )

2) Using mod_rewrite to generate a 30x redirect or 403-Forbidden in response to requests for indexes at all but the top level.

3) Using mod_alias to redirect requests for indexes at all but the top level.

Jim

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 12:28 pm May 2, 2026