[pmwiki-users] protection against reading directories with truncated path

H. Fox haganfox at users.sourceforge.net
Wed Sep 14 06:13:51 CDT 2005

On 9/14/05, Stephan Schildberg <schildberg at scoid.de> wrote:
> This is a question more regarding  .htaccess files.
> How can I protect my "uploads directories" from outside access? You
> know, you get a list of the directories  files on the screen.
> This is what I do now, inserting an index.htm with that piece of html to
> deviate to the next higher level of a PmWiki created page.
> Is it secure then? Should I use an appropriate .htaccess file, and how
> does it look like?

    Order Deny,Allow
    Deny from all

The .htaccess file goes in your uploads/ directory.  You'll also want
to put the following line in your config.php file:


> Last question in this context is how I can produce a standalone for a cd
> (where I would renounce of search features and so on...).

This recipe (which I haven't tried) may be suitable for that:



More information about the pmwiki-users mailing list