Welcome to WebmasterWorld Guest from 126.96.36.199
Forum Moderators: mack
Depending on your server setup, if you DON'T do this, your server will substitute a file list at that URL, which can be a security risk.
Lets imagine your site is about cars, you have a folder called "engines". I might get to that folder by following a link to a page about ford engines...
This might be of interest so I then decide to delete the ford.html so see what other information you have and get a page not found. The index page could have been used to allow me to see all the pages available. By default some servers, if not most! will show a directory index. "Index of" page. These are very unprofessional, you can make a simple html page to link to your pages within the folder.
I have, in fact, come across site folders without an index file and it will show an index of all the files there.
Also part of the server configuration - what you should get here is a server error message, "Directory Indexing Not Allowed" (paraph.) If you can't get this changed, putting the index file in that directory is a fix, but it may be indicative of other small oversights that add up to security issues.
Are there any good books or resources to learn more about server configuration, management, good habits, tips and tricks?
RewriteRule ^scripts/?$ /this.file.does.not.exist [L]
RewriteRule ^styles/?$ /this.file.does.not.exist [L]
RewriteRule ^images/?$ /this.file.does.not.exist [L]
which can be simplified to:
RewriteRule ^(scripts¦styles¦images)/?$ /this.file.does.not.exist [L]
There's already a redirect in place which strips any named index file filename off the URL request.
With this, they don't get a "there's a folder here and you are not allowed to look at it" message, they instead get a "that thing doesn't exist" error message.