Help: How to Prevent Access to Directory?

ROGERKLOTZ · Share | #1 (**permalink**) 01-05-2010, 12:02 PM

I have a wordpress blog and am trying to figure out how to prevent visitors from accessing my files that are located in the directory. Here is an example

I have an image located at:

"http://www.example.com/wp-content/uploads/2009/12/image.jpg"

And if I were to type in this URL in my browser, visitors gain access to all my files that were uploaded on December 2009:

"http://www.example.com/wp-content/uploads/2009/12"

Also, if I were to type in this URL in my browser, visitors gain access to all my files that were uploaded in 2009.

"http://www.example.com/wp-content/uploads/2009"

Is there a way to prevent this? I added a code to my htaccess file and it disallowed anyone access to these files, HOWEVER, it took my entire website down as well.

The second thing I tried was going into my FTP (Filezilla) and changing the File Permissions for the appropriate folder (wp-content) so that Visitors could just "Read" and NOT "Execute" or "Write". After doing this, visitors cannot access the files and the website is still live, BUT all the images on the website do not show, but the site is still up.

Help would be greatly appreciated. It's been very frustrating.

**HTMLBasicTutor** · #2 (**permalink**) 01-05-2010, 12:37 PM

.htaccess file in folder where you don't want them to see the list of folder contents with:

Code:

Options All -Indexes

Gives the following message:

Quote:

Error 403 - Forbidden
You tried to access a document for which you don't have privileges.

Mia · #3 (**permalink**) 01-05-2010, 01:08 PM

Some simple solutions which does not lock people out but will accomplish the same easily.

Just place an index file in each directory that redirects to the index of the site itself.
Also, to insure the SE's do not index be sure to place a robots.txt file with the following in it:

Disallow: /images

ROGERKLOTZ · #4 (**permalink**) 02-02-2010, 12:44 AM

Quote:

Originally Posted by htmlbasictutor

.htaccess file in folder where you don't want them to see the list of folder contents with:

Code:

Options All -Indexes

Gives the following message:

I tried the Options All -Indexes and it worked for 3 days with no issues, and then all of a sudden out of nowhere, the images on my blog stopped appearing. And then I removed the code from the .htaccess file and the images appeared on my blog again. As of right now, I have removed the code. Why is this the case?

**HTMLBasicTutor** · #5 (**permalink**) 02-02-2010, 09:46 PM

Not sure why it's a problem all of a sudden unless your hosting did something.

Try the blank index page in the folder(s) idea. That will stop people seeing a list of the images in the folcer, although a pain that you have to do this each time you make a new folder.