View Full Version : Image directory protection

06-06-2007, 07:55 AM
Didn't now where to post a suggestion for future releases of oscmax so I thought I'd drop it here.

I think a blank index.php file should be in every image folder especially those that relate to the catalogs.

I've been doing that to prevent people from browsing the directory on servers that don't prevent it.


~ Jared

06-06-2007, 11:41 PM
Actually that is wrong. You should be using .htaccess files

Use one line with:

Options -Indexes

06-07-2007, 06:09 AM
I try to avoid using HTACCESS files because they have to load by apache each and every time over and over again and they do not cache. I've seen some people on my server with HTACCESS files for rewrites as much as 75kb and they wonder why performance on their site is so slow for dial up customers.

I personally use blank index.php files because they dont need to load each time, only when needed.

But you make a valid point.

~ Jared

06-07-2007, 03:57 PM
better yet.

EVERY directory should have an index.html that contains

<meta HTTP-EQUIV="REFRESH" content="0; url=http://www.yourdomain.com/index.html">

This ensures that anyone who wants to get to your directories can't, but also ensures that any spyders that show up get redirected to the home page so that it will index properly.

06-07-2007, 07:06 PM
The best way is to have indexes off at the server level - in httpd.conf. A properly configured server is the always best way to go. This precludes the need for .htaccess or index files. There is no reason to ever have directory browsing on for publicly accessible addresses. That is what FTP is for.

If someone is worried about .htaccess performance hits, their site is either too busy to be using shared hosting or their shared server is way overloaded. The impact of .htaccess is minimal to nil on all but the busiest of sites.