tags:

views:

21

answers:

1
Q: 

htaccess to prevent root access to folders with no index.htm(l)/php - with a redirect - scripts can still be accessed

What I have in each directory.

<Files *>
    Deny From All
</Files>

I would like to put an htaccess file in my root main directory that does this:

1- prevents root access to any folder.

2- Redirects the user to one url should he try to access any root.

3- Still allow scripts to run and write in those directories publicly.

I also want to make sure that if an index,htm(l)/ or ,php file exists, that is loaded normally.

I seem to be struggling in figuring this out.

Thanks in advance for rewriting this beginner in the right direction.

+1  A:  
# No root access without index.*
Options -Indexes
DirectoryIndex index.php index.html index.htm

# Rewrite
RewriteEngine On
RewriteBase /

# Existing file
RewriteCond %{REQUEST_FILENAME} !-f
# Existing directory
RewriteCond %{REQUEST_FILENAME} !-d
# Symbolic link
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^ your-default-file.html [L]

I’m not sure about your point 3. The webserver doesn’t know if an user agent is a script or a browser.

toscho  2010-09-13 15:17:41
I think this'll work perfectly.
Litso  2010-09-13 15:20:09
I still want the scripts to run and "pages" to load normally for users coming in from where ever. Sorry I was not clear on that.
Jim_Bo  2010-09-13 15:20:55
What if I want to redirect them to a url? Will that still work on the last rewrite rule there?
Jim_Bo  2010-09-13 15:23:17
Not working. Directories with index.html are still being redirected to the file or url in the last rule. I only want directories without an index.html or index.php to be redirected.
Jim_Bo  2010-09-13 15:33:28
The code above works for its' purpose but, i would have to put it in each directory and point it to that directories index.htm / index.php file (or whatever file).
Jim_Bo  2010-09-13 15:38:47
The code works from the root directory; you don’t have to create duplicates. If it doesn’t take a look into the rewrite log. Make sure no other rewrite rules interfere with these rules.
toscho  2010-09-13 15:51:44
No other rewrite rules exist. If I try to access a directory that contains an index file, I am still redirected to your-default-file.html.
Jim_Bo  2010-09-13 16:19:20
Is your index.html really registered? I added a DirectoryIndex rule for a demonstration how to do that.
toscho  2010-09-13 18:50:49

related questions

Is it safe to deny access to .ini file in .htaccess?
.htaccess redirect performance
How can I fix my .htaccess to resolve URLs that don't end in slashes
Find the page that the user intended to see
Configuring wordpress .htaccess to view subfolders
Getting file name of file directed by .htaccess?
Apache htaccess on Win2k is not being processed
How do I stop visitors directly accessing the directories in my website?
What happens first? .htaccess or php code?
Apache/php guru needed! htaccess files, php, includes directories, and windows XAMPP configuration nightmare!
Edit php.ini with .htaccess
Do you have to restart apache to make re-write rules in the .htaccess take effect?
Apache Mod-Rewrite Primers?
Dynamic IP-based blacklisting
.htaccess mod rewrite 301-redirect
How to make a web app appear at the root of the site?
Is it possible to use .htaccess to send six digit number URLs to a script but handle all other invalid URLs as 404s?
How do I use .htaccess to redirect to a URL containing HTTP_HOST?
How to convert Apache .htaccess files into Lighttpd rules?
Wildcard Subdomain Exceptions
Redirecting non-www URL to www
How can I use `scp` to deploy a website's `.htaccess` file?
How do I add a MIME type to .htaccess?
Mod-Rewrite loading files behind the DocumentRoot
.htaccess directives to *not* redirect certain URLs