Do I need to allow directory access within my htaccess for Yii2 application?

Question

Do I need to allow directory access within my application?

I do not want people to be able to access for example the /themes folder or uploads folder etc

Currently my htaccess has the below code in which if I remove it, it resolves them problem but am not 100% sure how important the below code is as on a few websites regarding htaccess they've had the snippet in them which is why I am relucatent to remove it. With the code you can access the folders and it lists the files which I do not want.

RewriteCond %{REQUEST_FILENAME} !-d

`I do not want people to be able to access for example the /themes folder or uploads folder etc` but how should your users’ browsers then manage to load your theme files, or uploaded files? (If you are seeing directory listings and want to turn those off, that is a different problem with [a different solution](http://stackoverflow.com/questions/2530372/how-do-i-disable-directory-browsing)) — Pekka, Sep 18 '16 at 19:37

score 0 · Answer 1 · answered Sep 19 '16 at 07:39

0

The answer is you should not allow all folder except web folder.

answered Sep 19 '16 at 07:39

Wilson Ng

201
2
17

Do I need to allow directory access within my htaccess for Yii2 application?

1 Answers1