
View Full Version : Disabling directory snooping
grsites 07-17-2001, 02:16 PM
Since my site consists of image archives, I want to disable directory snooping, so people can't go to the dir where the images are and download them all with Go!Zilla or something.
I made a .htaccess file in the dir containing:
Options -Indexes
That should do it. It works on my RaQ2, but on the RaQ4 it causes ALL files in the dir to become inaccessible (I get "Server has encountered an error...")
Any ideas? Thanks in advance...
slade 07-17-2001, 02:33 PM
Maybe I don't understand the problem fully, but from what I've seen, just placing an index.html file in those dirs, even if it's just a redirect to the main page, or a "naughty, naughty, shame on you" notice will keep the webserver from listing the contents of the dir.
If there are ways around this, I'd like to know...
grsites 07-17-2001, 02:38 PM
That's what I've been doing in many of the dirs, but there are so many sub-directories and sub-sub-directories that it will take forever to put those index.html files in all of them...
(SH)Saeed 07-17-2001, 02:56 PM
I got the same error a while back and it got fixed when I added AllowOverride All to my <Directory> in httpd.conf and restarted apache.
Worth a try..
grsites 07-18-2001, 01:17 PM
Tried AllowOverride All, didn't work. Seems when I put directives in the access.conf, they don't stick even after restarting Apache. Example:
<Directory /home/sites/home/web/temp>
AllowOverride All
Options -Indexes
</Directory>
When I go to the temp dir in my browser (it's empty) I still see the directory listing.
Any ideas?
To disable directory sneaking, you can login using cuteFTP or any other FTP program. Select all the directories you don't want people to sneak into, and change the mode to 711.
or you can login using telnet, then execute
chmod 711 yourdirectoryname
SI-Chris 07-19-2001, 06:08 PM
I'm copying and pasting this from my archives (this was originally written by someone from InTheQ.com). If you know how to use pico you don't need to go through all that FTP stuff, you can just edit the access.conf directly:
The initial release of the various RaQ4 server configurations from Cobalt
Networks has a bug in the default server configuration file that tells the
web server (Apache) to ignore ALL htaccess security files on the entire
server!
Here is how we fixed their problem:
1) Using TELNET, access the server as super user (root level access). You
must be in SU mode in order to perform the root level commands below.
2) Change to the /etc/httpd/conf dir on the server using the following
command:
cd /etc/httpd/conf
3) change the permissions on the access.conf file so you can access it via
FTP. The command is:
chown admin access.conf
4) Now using FTP access the server with user "admin" and change to the
/etc/httpd/conf directory.
5) Next download the access.conf file in TEXT mode. DO NOT download this
file in BINARY mode or else the file will be corrupted.
6) Open the file with any text editor and change ONLY the following line
that appears JUST ABOVE the "# ignore .ht*" line. ONLY change this one line
and make sure you are changing it correctly.
AllowOverride None
should be changed to read:
AllowOverride All
IMPORTANT: Be sure NOT to change the "AllowOverride None" line that appears
near the top of the file (just above the "AuthFailDelay" line). This
particular AllowOverride line needs to remain set to "None".
7) Save your changes and then upload the access.conf file back to the
/etc/httpd/conf directory using FTP. BE SURE to upload the file in text mode
and NOT binary mode.
8) Using TELNET, you need to change the ownership of this file back to
"root" which is done with the following command from within the
/etc/httpd/conf directory:
chown root access.conf
9) Finally, you will need to reboot your RaQ4 server in order for the
changes to take effect.
Originally posted by grsites
Since my site consists of image archives, I want to disable directory snooping, so people can't go to the dir where the images are and download them all with Go!Zilla or something.
I made a .htaccess file in the dir containing:
Options -Indexes
That should do it. It works on my RaQ2, but on the RaQ4 it causes ALL files in the dir to become inaccessible (I get "Server has encountered an error...")
Any ideas? Thanks in advance...
Aloha
a good idea also ya may want to hide the dir some how using js or cloaking of some kine or JS so they have a harder time finding your dir by looking at the code
I can always snake your whole site with a program to take all your files depending on what kind of images you have that is one thing to remember but making a nonbrowsable dir is a good start
dutchie 09-01-2001, 04:41 AM
Hello intelligent Hosting,
My access.conf looked a little different from what you described, which of course confuses me :)
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
AllowOverride AuthConfig Indexes Limit
# ignore .ht*
<Files ".ht*">
deny from all
</Files>
Now I have the exact same problem with .htaccess files, they produce a server error (which btw is also very effective).
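Added example, not part of any post in this thread: Apache answers with a server error when a .htaccess file uses a directive whose class is not listed in AllowOverride, and does not read .htaccess at all under AllowOverride None. The script below reports which of those cases applies to a .htaccess containing "Options -Indexes" for every AllowOverride line in a config file; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: what each AllowOverride line means for a .htaccess file
# that contains "Options -Indexes" (classic AllowOverride syntax only).
#   ok      -> All or Options is listed, the directive is accepted
#   ignored -> None: .htaccess is not read, so no effect and no error
#   error   -> Options is not listed: Apache rejects it with a server error

check_allowoverride() {            # hypothetical helper; $1 = config file
    awk '
        { sub(/^[ \t]+/, "") }                      # trim leading whitespace
        /^#/ || /^$/ { next }                       # skip comments, blanks
        tolower($1) ~ /^<directory/ {               # entering a block
            ctx = $2; sub(/>$/, "", ctx); next
        }
        tolower($1) ~ /^<\/directory/ { ctx = ""; next }
        tolower($1) == "allowoverride" {
            verdict = "error"
            for (i = 2; i <= NF; i++) {
                v = tolower($i)
                if (v == "all" || v == "options") verdict = "ok"
                else if (v == "none" && verdict != "ok") verdict = "ignored"
            }
            printf "%s line %d: %s\n", (ctx == "" ? "(global)" : ctx), NR, verdict
        }
    ' "$1"
}

write_sample() {                   # constructed sample, not a real access.conf
    cat > "$1" <<'EOF'
# ignore-everything default for the filesystem root
<Directory />
AllowOverride None
</Directory>
<Directory /home/sites/>
AllowOverride AuthConfig Indexes Limit
</Directory>
<Directory /home/sites/home/web/temp>
AllowOverride All
Options -Indexes
</Directory>
EOF
}

tmp=$(mktemp)
write_sample "$tmp"
check_allowoverride "$tmp"
rm -f "$tmp"
```

Run it against /etc/httpd/conf/access.conf and look at the line that covers the directory holding the .htaccess file; the most specific matching <Directory> block is the one Apache applies.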
madsere 09-01-2001, 06:32 AM
Originally posted by Intelligent Hosting
9) Finally, you will need to reboot your RaQ4 server in order for the
changes to take effect.
Uh, maybe I misunderstood this statement .. but a Raq sure ain't no Microsoft box and you don't need to reboot it for small changes like this.
You just need to restart the Apache webserver:
# /etc/rc.d/init.d/httpd restart