[pmwiki-users] protection against reading directories with truncated path
H. Fox
haganfox at users.sourceforge.net
Wed Sep 14 06:13:51 CDT 2005
On 9/14/05, Stephan Schildberg <schildberg at scoid.de> wrote:
> This is a question more regarding .htaccess files.
>
> How can I protect my "uploads directories" from outside access? You
> know, you get a list of the directories files on the screen.
>
> This is what I do now, inserting an index.htm with that piece of html to
> deviate to the next higher level of a PmWiki created page.
> Is it secure then? Should I use an appropriate .htaccess file, and how
> does it look like?
Order Deny,Allow
Deny from all
The .htaccess file goes in your uploads/ directory. You'll also want
to put the following line in your config.php file:
$EnableDirectDownload=0;
> Last question in this context is how I can produce a standalone for a cd
> (where I would renounce of search features and so on...).
This recipe (which I haven't tried) may be suitable for that:
http://www.pmwiki.org/wiki/Cookbook/JjsCMS
Hagan
More information about the pmwiki-users
mailing list