Skip to main content

htaccess disable directory browsing, disable file listing, disable file access


There may be some personal or secure data in a file, that you want to hide from the end user, when it is viewed through a web browser.


Ex: http://www.example.com/user_files/24/chat.txt

In the above scenario, if the file "chat.txt" contains a secure data, and you dont want to allow end users to directly access the file, or to disable the file listing in the folder "user_files" or "24", use the below code in your .htaccess file inside "user_files" folder:

Options -Indexes
order allow,deny
deny from all
Labels:

Comments

Post a Comment

Popular posts from this blog

Retaining checkbox status of a form after submitting it

we will learn here how to post back or retain the value ( status ) of the checkbox. We will use php header redirection to post back the values to our main page where checkbox is present. We will call form page as first page and action or submitted page as second page. The form data will be received by second page and it is supposed to post back the form data back to form page by using query string through address bar. To keep the second page simple we will keep only the redirection part. Here we have excluded the part which takes care if the form passes its validation and execute the actual script (redirection part). Here is the code of our form with two checkboxes, pb-check.php <?php $t1=$_GET['t1']; $t2=$_GET['t2']; if($t1=="yes"){$t1v="checked";} else{$t1v=="";} if($t2=="yes"){$t2v="checked";} else{$t2v=="";} ?> HTML Form code: <form method="post" action="pb-chk.php"> <inp...
1 comment
Read more

Identify the user's browser

Sometimes there arises a need to identify the user's browser. It is pretty easy to find browser with jquery. So if you have included jquery in your page, it takes a simple line to identify the browser:  if ($. browser . msie ) {} // IE if (($.browser.msie) && ($.browser.version == '6.0')) {} // IE6 if ($. browser . opera ) {} // opera if ($. browser . mozilla) {} // Firefox With the help of php, you can get the browser  details with the help of:  $_SERVER['HTTP_USER_AGENT']; Or you can even use the combined version of php and javascript. php + javascript code: <script type="text/javascript"> var string1 = "<?php echo $_SERVER['HTTP_USER_AGENT']; ?>"; // Browser string var myRegExp1 = /Firefox/; var matchPos1 = string1.search(myRegExp1); var myRegExp2 = /Chrome/; var matchPos2 = string1.search(myRegExp2); var myRegExp3 = /MSIE/; var matchPos3 = string1.search(myRegExp3); if(matchPos1 != -1) ...
1 comment
Read more

Facebook connect using graph api

An example of using facebook graph api to authenticate users: Setup a new application in facebook apps and get the app id and secret. Now follow the steps: Remember to give the same url in the below code, as that of the app settings. <?php if( !isset($_GET['code'])) { ?> <a href="https://graph.facebook.com/oauth/authorize?client_id=xxxxxxxx&redirect_uri=http://xxxxxxxxxxxxxxxx/">Connect using Facebook</a> <?php } $code = trim($_GET['code']); if(isset($_GET['code'])) $token = file_get_contents("https://graph.facebook.com/oauth/access_token?client_id=xxxxxxxx&redirect_uri=http://xxxxxxxxxxxxxxx&client_secret=xxxxxxxxxxxx&code=$code"); $token = explode("=", $token); if(isset($_GET['code'])) $user = json_decode(file_get_contents('https://graph.facebook.com/me?access_token='.$token[1]));  print_r($user); ?>
3 comments
Read more