How To Stop Web Users Having Access To / Seeing The Contents Of Web Folders

Here is a very simple, but effective way to stop web users being able to see the contents of a folder on a web host.

put index.htm file in the folder.

When the web user navigates to the folder, the index.htm file will display,  rather than the contents of the folder.
The htm file can be empty, in which case the browser ill display a blank page.

Simple.. but effective!


2 thoughts on “How To Stop Web Users Having Access To / Seeing The Contents Of Web Folders

  1. Yes, it is simple… too simple to be true in fact. This will stop your average joe, but if somebody actually wanted to view the other files in the directory I’m sure that they would have the knowledge to get passed your little index.html prevention! If you really wanted to stop people from accessing the files in a certain directory, why not password protect the directory? It doesn’t actually take an ultra secure password to deter your average hacker either, as the only way that they could ‘hack’ the password is by guess work or brute force!

    Alternatively, just don’t put the files in a place that is accessible to the public in the first place. If you still want to host them on a server, just make sure that they are not in the directory, or any sub directories of /public_html/

    Kind Regards.

    • Agreed. This method is only intended to stop the browser displaying a list of files if it navigates to a directory.
      Sensitive files need further security considerations.

      Thanks for your input Andy.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s