Image folder security

  • Hi

    I have WP 1.5 installed and have some questions about the security of my image folder(s). How can I avoid anyone being able to take a look at my image folder simply by typing in a URL (or any other way)? Lets say my site is at https://www.mysite.com and my image are at https://www.mysite.com/myimages. Anyone can then go that URL and see a directory of my images and download them.

    How can I avoid this? Is there a way to CHMOD the image folder to a certain settings to allow me, the administrator, to upload and play around with them but prohibit access to others? Any other security settings recommended? How do all of you protect your images folders?

    Thankful for any input

    Guerito

Viewing 4 replies - 1 through 4 (of 4 total)

  • Write “Tut tut…..no peeking” into Notepad
    Save as “index.html”
    Upload into image folder.

    put a blank index.html inside the directory, that will solve it

    Thread Starter guero

    (@guero)

    Thanks for the extremely quick replies guys. I searched the forums and the codex but couldn’t find the answer. I assume of course that I will still have normal access myself through the ftp or by being logged into my WP site?

    Silly question but how come this solution works?

    Guerito

    because Apache is magic ??

    index.html is your default DirectoryIndex file.. if theres one in a folder, apache is gonna send it to the browser. index.php will work also, in your case btw.

    I cannot and will not speak for how IIS handles it.. but for Apache, the technical and rather short (given Apache’s lack of brevity) explanation is here: https://httpd.apache.org/docs/mod/mod_dir.html

    and for your other questions.. yes yes and yes. ALL this does is send a page to a browser. No more directory traversal peek-a-boo’ers.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Image folder security’ is closed to new replies.

Tags