LoL i used to answer this question on a daily basis but ive forgotten. How do i make my cgi-bin forbidden -

------------
If you want to disable directory listing, the easiest way is to just upload a
blank file called index.html to the directory.

You could also change the permissions on the directory so that it's not
world-readable. It has to be world-executable, though. This will disable a
directory listing, but will allow browsers access to the scripts if they know
the filename (eg. from a link on your site).

-------------

Thats the email response that tera-byte sent me but what do i set it it to lol ... gimme it in numbers too please lol.

chmod it 700, that will work for you

700 - stopped all my scripts working

tryed 701- that stopped made the cgi-bin/ forbidden but didnt make the subdirectorys forbidden.

Damn it, :) Im sorry i meant 711

Thanks Jag works perfectly so far :-). None of the scripts have stopped functioning yet lol.

No problem

is there anything else i can do to help keep nosey people out of my directory's?. I've always got people snooping around my files.

Also on a virtual host is there a script i can setup to stop people linking to my files and images from outside?.

Like they said, if you have a dir you want them to stay out of just put a completely blank file named index.html in the dir. When they try to just view that dir the browsers will either pull up a white page or wont reslove at all because there will be no data there.

thanks again jag for ur fast answer. I'm just trying to put as much security on my website as a user can possibly do.

In order to do this would the main top directory hold only index.html with your opening page with all links going to sub-directories of the top level. You then would place a blank index.html in each of the sub directories?

Graham

if i understood this right do it like this -

in your subdirectorys which you do not want people to see the contents of just place a blank index.html file in that sub folder no linking required. or chmod it to 711 works either way like jag said.

An index page is good to have regardless of what you do with permissions. That way, if you ever change permissions again, you still have protection.

It doesn' have to be blank. It could have the name of your site, a notice about snooping, or even redirect them to the main entrance of the site.

There are scripts like Bandwidth Bandit that can prevent people from linking directly to your images. I know some free graphics sites that use such scripts (which is where I found it) as it prevents people from stealing their bandwidth through direct linkage.

Another method is to put them behind a password protected directory, but that could be inconvenient to your users.

[Edited by Duster on 09-08-2000 at 11:03 PM]

Duster where can i get this script from? is it shareware or freeware?.

It's freeware and is available at http://www.mikesworld.net

When a user tries to see an image on a wb site that has linked to an image protected by Bandwidth bandit, they see a message you can configure. Mine tells how the site they are on are thieves trying to steal bandwidth, which is what the stock message says if I recall.

The are more available at cgi-resources.com also.

Eddie, the most secure way to prevent people from snooping is to simply put password protection (through .htaccess or through http://www.hostedscripts.com ). There's always ways of getting around directories..

I agree, password protection will work pretty well.

That could cause a problem as its a chatsite. I've figured out how to hide the files i dont want poeple to see. Should really of looked closely at the orignal script as it gave pointers for hiding certain files.

Ive password protected all the admin panels with .htaccess files and it works fine. Also made it forbidden to enter my cgi-bin.

Now im just coming up with ways to stop people linking to my images :-).

Eddie, cgi chat script? Yeech. Keep an eye on that one! What service is that one on? Tera or webnetics ?

tera byet been there for 3 months. the cgi chat is not like other chats its e-chat designed to be light on the server you can email the owner hell give u full details.

Not like the big resource hogs like chatpro and stuff. its very light on the server. and the message area is pure html unlike other scripts.

heres the addie - http://www.kchat.org .... when i enquired about placing it there they said they would see how it handles on cobalt if it becomes a hog well move it to the free bsd servers.

i also had the chatroom on webnetics for 6 months. Thats one thing i have to say about webnetics they didnt complain about the chat as it only used 4.6 gb bandwidth a month and very little cpu.



[Edited by Technics on 09-09-2000 at 12:28 PM]

I've been using Bandwidth Bandit for months now it works great!! The only thing about it i don't like is on all your html pages the pics you want to protect you have to change all the files from image.jpg to image&jpg im sure anyone that's used Bandwidth Bandit knows what im talking about :)


Is there a program that could change images.jpg to images&jpg for you? When you have 1,000 + pages that you want to protect it takes forever to change them all also is there way to stop site rippers? Bandwidth Bandit stops some of them but it dosen't the new ones and when your site is 99% images 50mb worth and a 100 people use a site ripper that adds up!! The new site rippers let you pick wich web broswer will be left on the servers status log you can pick from IE to netscape or the site rippers real name so the webmaster will never know it's been used on his site.

I would pay someone to make a script that would stop these things anyone know where i could get such a thing done?

***Jen***

Jen,
I see the possibility that you send all your images through a so-called anti-leach scripts. These would hide the true source of your images as well as being undetectable with the majority of web bots.

That should not be hard to find, or to make either if you ask me :)
Try looking aroudn in the CGI scripts depots.

I've been looking all i can find is anti-leech stuff. You couldn't point me to a active cgi board could you? All the ones i find it takes days and weeks before someone replys.

:)