I am looking for a way to access a folder in a site that contains index.html or index.php .
But when I remove the index file, when I try to access list of contents from the url, I get
404 page not found
error ;
Is this possible to see contents of a folder with features that I said , if yes why ?
You could enable directory listing in your .htaccess file that you would put in the directory that you want to browse:
Options +Indexes
But the fact that you are getting 404 error might also mean that the directory doesn't exist at all on the server. So make sure it exists and has a .htaccess file inside it allowing directory browsing.
Related
I have created a .htaccess file (given bellow) to prevent parent directory file listing, except default index files. Also, I have created a custom redirection file illegal_access.php for Error 403.
ErrorDocument 403 http://www.sitename.edu/illegal_access.php
Options -Indexes
To capture the site activity, I have included log.php inside all PHP files (including illegal_access.php). Everything works fine.
But, In log file, for each parent directory access with index.php file it captures both index.php file name and illegal_access.php file name. For example:
If I open the site http://www.sitename.edu, the log file captures both
http://www.sitename.edu/ and http://www.sitename.edu/illegal_access.php URLs.
Is it possible to solve this issue, without excluding the log.php file inside the illegal_access.php file? Because, I want to capture the illegal access activity too.
I am working on a CI Application.
Now I Have a folder in my project called base_ini, in which I have some config files. I want to secure this file, so no can can view its content directly from browser.
So I tried this two ways:
Put an index.html saying that Directory access is forbidden.
I put a .htaccess file in that folder with Deny from all
If I pass this in URl : www.example.com/base_ini I do get proper error message.
But still if from browser I pass this path www.example.com/base_ini/default.ini then I can view its content.
How can I stop this access?
Put below line in your htaccess file and put that file at www.example.com/base_ini/ (path)
Options -Indexes
when we give ip in browser its not pointing to the index page. It showing error : "Not Found The requested URL / was not found on this server" though index page is there in DocumentRoot.
If we give ip/index.php, it shows the page. Similarly when i opened test directory containg some files in browser (url : ip/test),it showing same error "Not found" instead of listing the files in the directory.
Autoindex module was enabled .
Tried giving Options +Indexes // enables the listing of files/folders in a directory
Permission for the directory also enabled.
But still got the same error. When checked with log file , whenever i tried to open directory, showing "attempt to load directory"..But its not loading.
[This was happening with test server ,whereas stage server working properly. Also compared test and stage server configuration files like default [/etc/apache2/sites-enabled] , .htaccess , apache2.conf , httpd.conf, evrything seems to be same. ]
.htaccess file
`Options +FollowSymLinks
DirectoryIndex index.php`
log file
Attempt to serve directory: /var/www/
Document Root : /var/www/
Would someone have an idea to fix that one. Thanks in advance
It appears you need this line on top of your DocumentRoot/.htaccess:
DirectoryIndex index.php
This will by default load index.php in each directory if request is for domain.com/somedir or just domain.com/
I am using shared server for my website and therefore i dnt have access to my httpd.conf.
my director r getting listed like
when i click on mysite.com/xyz/
all php files are showing.
Please help
in your .htaccess file add
Options -Indexes
To follow up and more thoroughness, you can also use an index file in the directory by creating a blank index.html file.
e.g. index.html
Or you can also specify the exact file and orders you want to be the index in htaccess with
DirectoryIndex index.html index.php
So there you have a few choices. The file will have to exist and it can contain anything or nothing.
Ok so my current sites is on the .htaccess method to block user access to the directory
e.g. http://www.example/_directory/ via Options All -Indexes
Question should I stick with that or is putting an index file e.g. index.php in every directory better? I'm thinking of an index.php that will redirect to the homepage rather than giving users an error 403 page.
Opinions?
It would be clever to build your web site in a way that these subdirectories also have content (e.g. about/ also shows some information, when about/history/ and about/our-company/).
If the directories contain only files, it's IMHO totally fine to just have a 403.
Answers to your questions might be very biased.
If you're on a Unix/Linux server, you don't need to have blank index files at all in your directories. Just create a .htaccess file and put the following code in it:
Code:
Options -Indexes
When anyone tries to access the contents of a directory that doesn't have an index file, they'll get a 403 error.
Ref : http://wildlifedamage.unl.edu/manual/mod/core.html#options