Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Directory/File hierarchy visible in site. Should I change .htaccess or what?

Posted on 2009-12-30
13
Medium Priority
?
328 Views
Last Modified: 2012-05-08
I have a website as follows:
http://www.ctis.bilkent.edu.tr/BIMAlumni/index.php

There is no problem regarding the site but when the user manuall deletes index.php from the address bar of the browser to:
http://www.ctis.bilkent.edu.tr/BIMAlumni/

the hierarchy and files are visible, naturally as html, so I am safe but I don't want that to be visible. I think I will be changing .htaccess file. How can I do that? What should I do?

Best regards.
0
Comment
Question by:jazzIIIlove
  • 6
  • 4
  • 3
13 Comments
 
LVL 34

Accepted Solution

by:
Beverley Portlock earned 2000 total points
ID: 26144668
Set in .htaccess

Options -Indexes

and that should do it
0
 
LVL 4

Expert Comment

by:gsx1022
ID: 26144669
Hi,

you should add this directive to your htaccess file:

<Directory /BIMAlumni>
AllowOverride -Indexes
</Directory>

gsx1022
0
 
LVL 4

Expert Comment

by:gsx1022
ID: 26144678
Hi,

I mixed up the directive. Sorry. bportlock's solution is the solution, but you will have to put the options directive in a directory element.

gsx1022
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 12

Author Comment

by:jazzIIIlove
ID: 26144844
ok...
but where is my .htaccess file? I mean normally should it be in /var/www/html/
0
 
LVL 34

Assisted Solution

by:Beverley Portlock
Beverley Portlock earned 2000 total points
ID: 26144968
The .htaccess file is a hidden file (that's why it starts with a ".") and it should be in the root directory of the website, so I'll guess that it will be in

/var/www/html/ctis.bilkent.edu.tr

or something like that. If it is missing then create a file of that name and ensure that its permissions allow the web-daemon to read it. A guide to .htaccess and a lot of its features is here  http://www.javascriptkit.com/howto/htaccess.shtml and the official guide is http://httpd.apache.org/docs/2.0/howto/htaccess.html and the Options directive is at http://httpd.apache.org/docs/2.0/mod/core.html#options

Look for a directory section like gsx1022 said (or make one) and insert the Options - Indexes code
0
 
LVL 12

Author Comment

by:jazzIIIlove
ID: 26145013
ok
I create a .htaccess file in /var/www/html/ctis/BIMAlumni
with the content:
<Directory /BIMAlumni>
Options -Indexes
</Directory>

but I have internal server error with index.php and also without index.php
http://www.ctis.bilkent.edu.tr/BIMAlumni/index.php

Best regards.
0
 
LVL 34

Assisted Solution

by:Beverley Portlock
Beverley Portlock earned 2000 total points
ID: 26145172
Just a thought - if the .htaccess is in /BIMAlumni then you should not need the <Directory> and </Directory> tags. They are only needed if you are referring to a directory other than the one you are in. I assumed that your .htaccess was going to be in the website root.
0
 
LVL 4

Expert Comment

by:gsx1022
ID: 26145176
Hi,

the
<Directory /BIMAlumni>
needs to be an absolute path. So in your case I believe
<Directory /var/www/html/ctis/BIMAlumni>
would work.

gsx1022
0
 
LVL 12

Author Comment

by:jazzIIIlove
ID: 26145233
I put htaccess file to /var/www/html/ctis/BIMAlumni
and it has the content as follows:
<Directory /var/www/html/ctis/BIMAlumni>
Options -Indexes
</Directory>

but it gives again internal error with the addresses http://www.ctis.bilkent.edu.tr/BIMAlumni and http://www.ctis.bilkent.edu.tr/BIMAlumni/index.php

I tried for the redirecting from the links you have given, no joy.

Best regards.

0
 
LVL 12

Author Comment

by:jazzIIIlove
ID: 26145236
.htaccess is the file name
0
 
LVL 34

Assisted Solution

by:Beverley Portlock
Beverley Portlock earned 2000 total points
ID: 26145298
As your .htaccess is in the BMUAlumni folder rather then the /ctis folder, have you tried removing the <Directory> and </Directory> tags and leaving only the Options -Indexes directive?
0
 
LVL 12

Author Closing Comment

by:jazzIIIlove
ID: 31671145
Not only forbids but also redirects to a php and/or html file that they must be in the hierarchy:)

Options -Indexes
DirectoryIndex index.php index.html index.htm
0
 
LVL 12

Author Comment

by:jazzIIIlove
ID: 26159040
P.S. If you are in the directory, remove Directory tags from .htaccess file.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

CTAs encourage people to do something specific to show interest in your company, product or service. Keep reading to learn why CTAs should always be thought of as extremely important, albeit small, sections of websites.
Strategic internal linking is often considered an SEO power technique, especially for content marketing. Do you need to hire an SEO agency to optimize you internal linking? No, this article will help you understand the basics of internal linking and…
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question