We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

Best Security Practices for Images Folder

August 31, 2011 9:12pm

Subscribe [2]

  • #1 / Aug 31, 2011 9:12pm

    adrake9

    57 posts

    I’ve recently migrated a site and noticed that I can access all of my directories within my image folder. I’m aware that I can place a index.html in all of my file upload locations and have done so, but this is more for my clients. If they create a new file upload location they will not be aware of this potential security issue.

    My question is this. On other sites that I have running ExpressionEngine I have no need to do this and accessing the file upload locations is not possible from the url, how is this done?

  • #2 / Sep 01, 2011 11:37am

    Kevin Smith

    4784 posts

    Hi adrake9,

    It sounds like you want to prevent web visitors from viewing the directories within your images folder whether or not there’s an index.html file in the directory in question, right? In that case, I’d recommend you set up an .htaccess file along the lines of the suggestion in this article.

    Does that help?

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register