This is pretty much some ways to hide information about your website. Although, there are still ways to secure this most likely…
If a specific folder in your website is accessible to people and they attempt to go into a branch of your website…Then they may be able to see contents that they can use to get information or files of the site.
So here is what you can do:
1) Create a blank file named index.php or index.html and upload it to the directory in question.
2) Edit your php.ini:
;
; Decides whether PHP may expose the fact that it is installed on the server
; (e.g. by adding its signature to the Web server header). It is no security
; threat in any way, but it makes it possible to determine whether you use PHP
; on your server or not.
expose_php = Off
3) .htaccess
Create a file called “.htaccess” in your document root and put the following in it:
“Options -Indexes” (Without the quotes)
Some Notes:
Editing the expose_php will not stop the directory listing and there is a possibility that your webhost will not all you to edit the php.ini file or the .htaccess.
Recent Comments