You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Rich Thomas <th...@buffalo.edu> on 2002/08/26 22:28:06 UTC

[users@httpd] Preventing directory listings except for one user

Hello,

 

I'm trying to give one user the ability to see a directory listing and
only let others see the particular file <page> that they were seeking.
What I'd like to avoid is a situation where some gets a page from a
directory and then backspaces over the file name to see the whole index.
I created a blank index.html page to prevent this but I do need to allow
one user <an admin type> to see what files are in the directory.

 

Is this do-able and would it involve using Overrides?

 

Is it possible to not have an index.html and still not allow users to
see the file directory listing?

 

Thanks,

 

Richard Thomas

Systems Administrator

Directors Office - University Libraries

State University at Buffalo

716-674-3961

Re: [users@httpd] Preventing directory listings except for one user

Posted by Joshua Slive <jo...@slive.ca>.

Rich Thomas wrote:
> Hello,
> 
>  
> 
> I’m trying to give one user the ability to see a directory listing and 
> only let others see the particular file <page> that they were seeking.  
> What I’d like to avoid is a situation where some gets a page from a 
> directory and then backspaces over the file name to see the whole 
> index.  I created a blank index.html page to prevent this but I do need 
> to allow one user <an admin type> to see what files are in the directory.

There are a couple ways I can think of to do this.  Probably the safest 
is the following:

1. Create an Alias the points to your main documentroot (or whatever the 
directory is where you want to allow access to one user)


2. Use a <Location> section to allow extra access only if the Alias is 
used, and only if the proper permissions are available.

Alias /admin /usr/local/apache/htdocs
<Directory /usr/local/apache/htdocs/
Options None
</Directory>
<Location /admin>
Options Indexes
require valid-user
#(or "Order Deny,allow, etc...)
</Location>

Joshua.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org