i am using apache server and presently when i try accessing any folders of
my website i am able to browse the files ex = www.website.com/images which
is a serious security risk as i am building a forum website using php and
mysql.

in the root directory i have created a .htaccess file and whenever someone
access a file which is not on the server i have created a user friendly
message that the file does not exist instead of a 404 error message
displayed by the browser.

similar to this how can i go about restricting users to browse all my
folders in the toot directory. if anyone accesses for ex =
www.website.com/phpscripts an alert should appear asking them to enter a
username and password.

1. how can i do this using apache.
2. where do i write the username and password information and will this
apply to all the folders in the root directory or specific directories.

please advice.

thanks.

Reply via email to