httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonesy <gm...@jonz.net>
Subject [users@httpd] Re: Denying access to a folder while allowing the content inside it to be displayed on other pages?
Date Thu, 19 Jul 2012 14:09:57 GMT
On Tue, 17 Jul 2012 18:32:13 -0400, Ryan Bowman wrote:

> I guess I would like to deny access to the index. 

In everyone of my /images directories (and, some others) I put:

<HTML><HEAD></HEAD>
<BODY BGCOLOR="#CC0033" ></BODY></HTML>


I do this to cover the exposure to the web host(s) from flip-floping 
the Indexes option on any server re-configuration or upgrade.
Got exposed that-a-way one time years ago....

> But I also don't want
> people to be able to view my global.css file, which every page is linked to
> and is in the directory "/css". 

They _have_ to have access to it!  The browser (the user) has to 
download the css file to apply it.  But, you could put the dummy
index.html in "css/" to thwart people who would attempt to easily 
browse all your css files.

Jonesy


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message