The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

file security

Discussion in 'Security' started by ras`, Jun 6, 2006.

  1. ras`

    ras` Member

    Joined:
    Apr 25, 2006
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    Hi,

    Is there a way to secure our files located at : xxx.xxx.xxx/images
    This link enables others to download our files easily.
    Anyone had an idea?

    ras
     
  2. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    You can setup hotlink protection in cPanel to prevent others linking directly to your media from within other HTML documents.

    However it would not be possible to simply prevent people from downloading your images if you have chosen to make them publicly accessible.

    If you don't want people to download your images, don't put them somewhere where people can access them!
     
  3. NightStorm

    NightStorm Well-Known Member

    Joined:
    Jul 28, 2003
    Messages:
    286
    Likes Received:
    4
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Disable indexing for that folder, or drop an empty index.html file in the folder. This will prevent users from being able to see what you have in there, and will restrict them only to the images that you actually post somewhere.
    Another method would be to password protect the directory.
     
  4. ras`

    ras` Member

    Joined:
    Apr 25, 2006
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    Enabling the hotlink protection though it will redirect to other links but we have a hundred of sites to this as well as putting password to this directory.
    Would it be possible to do it in htaccess? Anyone had ever done it?
     
  5. avijit

    avijit Well-Known Member

    Joined:
    Jul 26, 2004
    Messages:
    116
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    You can allow certain ip and disallow rest through the .htaccess.
     
  6. ras`

    ras` Member

    Joined:
    Apr 25, 2006
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    i have a separate htaccess for ip block, i mean i just want none access to this certain directory.
    I believe making redirection would best suit our need but i got 100 domains to work on, I just wish i could just have same script to be run to all of these domains to save time, just like setting the ip block thru htaccess.
     
  7. bmcgrail

    bmcgrail Well-Known Member

    Joined:
    Dec 8, 2003
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    6
    Do you have root access to the server?

    If so you could add the following to httpd.conf

    <DirectoryMatch /images/>
    Options All -Indexes
    AllowOverride All
    </DirectoryMatch>

    This would turn off directory listings server wide for all images directories but still allow others the ability to turn them back on with .htaccess files.

    Otherwise just add

    Options All -Indexes

    to your main .htaccess file. That will make it so nobody can look at any directory without an index page.
     
    #7 bmcgrail, Jun 7, 2006
    Last edited: Jun 7, 2006
Loading...

Share This Page