Brian wrote:
I have searched the archives and found lots of posts on directory browsing and how to disable it. I have a more specific question. I have added index.html files to all my directories to keep people from being able to get directory listings via there web browsers. What is the easiest way to fix this security hole?
Although not a security hole, the easiest way we have found is to put an .htaccess file in the root folder of your website. On a RaQ3 this would be:
/home/sites/site##/web/.htaccess (where ## is the number of the site you wish to protect).
1 - With a text editor of your choice create a file called .htaccess (the period must be there)
2 - Put this line within the .htaccess file: Options -Indexes 3 - Save and upload this file to your directory /home/sites/site##/web/Now, assuming I have not forgotten anything, you will be able to go into all directories but will be unable to view the directory if you happen to not have an index.html file in it. This will work for all subdirectories automatically.
I apologize if I have forgotten a step but I think that is it.You will put more of a strain on the server in the way of overhead, but it will be pretty much nonexistent.
James Riordon