Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Best way to restrict direct access to files and folders?

edited February 2011 in Vanilla 2.0 - 2.8
I need to prevent users from gaining direct access to directories or files, e.g. or ...vanilla/plugins etc, but obviously still need the forum be able to run as an application as a whole.

I tried to add a .htaccess in each folder (applications, plugins etc), and add something like this (and other similar commands):

<Files *> Deny From All </Files>

But it tends to break certain parts of the forum.

Could anyone recommended the best way to force 403 forbidden when a user is trying to directly access directories in Vanilla?

Also I dont want to use something as simple as IndexIgnore *, as this is not adequate because the file locations are easy to guess.



Sign In or Register to comment.