MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > Protecting Upload Directory
Full Version: Protecting Upload Directory
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Adobe

2013-02-09, 09:58 PM
I have seen many forums that have some folders in the upload directory protected. EX: site.com/uploads/ficons or site.com/uploads/awards.

I tried adding a deny from all rule in .htaccess but it blocks the images. How did most other sites block direct access to those directories?

pandaa

2013-02-09, 11:46 PM
You really can't. They just have a blank index.html.

Adobe

2013-02-09, 11:51 PM
When I go on hf.net/uploads/ficons, it gives a no permissions error. Same with http://wweforums.net/uploads/awards/

pandaa

2013-02-10, 12:00 AM
OH, okay. chmod settings is the key here. 644 for the directory, 755 for the files.

Snickers

2013-02-10, 12:38 AM
http://community.mybb.com/thread-127980.html

Adobe

2013-02-10, 12:57 AM
Thanks for the help guys.

I'll play around with the permissions and add an index.php file for now.

spork985

2013-02-10, 02:13 AM
You need to disable directory listing. You can try placing "Options -Indexes" in your virtual host configuration in Apache, or your .htaccess file.

Adobe

2013-02-11, 01:50 AM
I added that and it seems to be working perfectly. Thanks Spork.
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > Protecting Upload Directory