If you are running Apache and have access to the httpd.conf file. Comment out AddModule mod_autoindex.c and restart apache. if you like this for some of your directories, then I'd follow Jason's advice. If you are using IIS or another server, I'm sure the same option is available, but I'm just not sure where.
Hope this helps. Jeff Jason Wong <phplist@gremli To: [EMAIL PROTECTED] ns.com.hk> cc: Subject: Re: [PHP-DB] Re: securing directory tree and allowing PHP to 08/20/2002 work 10:35 AM Please respond to php-db On Tuesday 20 August 2002 16:30, bmw wrote: > >>"Bmw" <[EMAIL PROTECTED]> wrote in message > >>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > >> I am trying to find out how I can secure the directory tree of my PHP > >> scripts from the HTTP server without preventing access to my PHP scripts > >> once in session. Right now, if I type the URL of a subdirectory of my > > site, > > >> I get the index of all the files and directories. > >> > >> Ex: > >> > >> http://domaine/index.html has DB access user login and password for my > >> session authentication to enter into my scripts and run the program. If you goto http://domaine/ does that show http://domaine/index.html ? > >> If I type http://domaine/subfolder/ I can see all the PHP code I want > >> without logging into my site. How can I protect the server from doing If so, simply put in an empty index.html into the directories where you do not want people to the direcrtory listing. -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* ... and furthermore ... I don't like your trousers. */ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php