... leaving out an index.html or index.php on your website. If there is no index file then the server may show a directory listing, containing files you don't want people to see... I've done this and low and behold someone gained the admin password to my ads stuff :(

:D

thats why you should set the permissions to not allow anyone to view the directory index even if you dont have an index.* file.

Originally posted by Insyder16
thats why you should set the permissions to not allow anyone to view the directory index even if you dont have an index.* file.


:D anyone know the .htaccess line I need to do this?

It's not done in .htaccess, it's done in FTP or telnet. The directory shouldn't be public readable.

It can also be a webserver setting. If you have access to that, make sure that directory browsing is disabled.

Originally posted by Dr. Web
It can also be a webserver setting. If you have access to that, make sure that directory browsing is disabled.

I'll tell host-today to disable it my RAQ... thanks :D







<? php include("/home/sites/site75/web/cloud9/errors/sig.inc") ?>