I have several websites hosted with my provider, they are all uploaded into different subfolders and are all working fine;

the problem I have is that all my files can be browsed very easily.

e.g.

If someone goes to
http://www.mywebsitexxxxxx.com it calls the index.php file which is fine

but if someone goes to
http://www.mywebsitexxxxxx.com/images
they will then see the entire directory.

Is there anyway to stop this?

Put a dummy index.html file in that directory with a message that directory is restricted and/or put a redirect link back to whatever page you want.

i.e.

<body>

This directory is restricted.

<meta http-equiv="refresh" content="0; URL=http://www.xxxxx.zzz">

</body>

where content="0; is the seconds before the redirect is appplied.

With a zero, it is an immediate redirect.

I have hundreds of directories so I don't fancy doing that.

Is there any other way?

e.g. create a .htaccess file that controls all the subfolders?

Yes, you could do it with htaccess, but I believe you would still have to place this file within all the directories you want protected. Also, not sure exactly how you would do it. Anyways, hope this helps.

If you have cpanel access you can protect your directories from there with little effort. Just click on the directory you want to protect and create a password. Then your directory is protected.

thetestingsite isn't right, .htaccess options for a directory work recursively, that is affect subdirectories too.

like

<Directory /users/jc_gmk/www>
Options -Indexes
</Directory>
will affect all subdirectories in /users/jc_gmk/www effectively giving 403 error when trying to list them

1. Index files.
2. .htaccess

Those are the two methods I know about. I'd suggest the code from ItsMeOnly.

Also, I think this has to do with server configuration, so you might be able to do it a bit below .htaccess if you want, but .htaccess is probably the easiest way.


If you have cpanel access you can protect your directories from there with little effort. Just click on the directory you want to protect and create a password. Then your directory is protected.I think what you are referring to here is that you can password protect an entire directory. This is true, but not what the original poster was asking. S/he wants to not allow the directory's contents to be listed when someone visits the directory without an index page, but still be able to view files in the folder. /images should not be viewable, but /images/1.jpg should be viewable.