In a message dated 1/31/2003 10:09:48 AM Pacific Standard Time, [EMAIL PROTECTED] writes:
>For example: The 'http://my_web_site/my_directory/index.php' file will be >displayed correctly, but if I type 'http://my_web_site/my_directory/' I'll >see the list of files and directories in the 'my_directory' directory. > > (Embedded image moved to file: pic30568.pcx) > >This is not secure. > >Please, does somebody know how I can protect a direct access to my >directories from a web browser? You have two issues here. One is that you do not have the default file set to index.php. That is, when the URL specifies a directory, the server looks for a specified file to send by default, and, in your setup, index.php is not one of the files it looks for to send by default. This is a setting in your web server. You need to change the setting there. In Apache, you specify this as follows: <IfModule mod_dir.c> DirectoryIndex index.php </IfModule> Your second issue is that the web server displays all the files in the directory when you don't have the default file it's looking for. This is also a setting in the Web server. In Apache, you specify this as follows: Options Indexes (to turn it on) Options -Indexes (to turn it off) You want to change the setting. Then, the web server will send a message when the file is not present in the directory, e.g.: Forbidden You don't have permission etc. Janet -------------------- Janet Valade Author, PHP & MySQL for Dummies -- PHP Install Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
