0

A script on my website uploads images to mysite.com/uploads and generates a path to the image uploaded like mysite.com/uploads/123456789.jpg.

The image should only to visible to users with a path to the file. The folder shouldn't list out its contents.

The script is built using PHP and runs on a Linux system (CentOS) managed by cPanel. I am new to Linux and I don't understand how this can be done and I need your help with it.

nshunz
  • 253
  • 1
  • 11
  • 3
    Possible duplicate of [How do I disable directory browsing?](https://stackoverflow.com/questions/2530372/how-do-i-disable-directory-browsing) – Gandalf_The_White Oct 14 '18 at 19:10

1 Answers1

4

I beleive that's not PHP issue. If you using Apache webserver you need a .htaccess file in that folder with the following content:

Options -Indexes

And also you can try simply add empty file index.html in each directory you'd like to hide.

yaroslavche
  • 383
  • 1
  • 9
  • Thanks! That's another thing I wanted to ask, does adding the index file automatically hide directory contents? I understand it how it would work in my browser but say on a command line. – nshunz Oct 14 '18 at 18:41
  • I do not know if I understood the question correctly =) In general, it does not hide the contents at all. When a client requests a folder to the server, the server simply does not give the list. But if you need to get it in the console - it will of course be available. For example, the console command `cd path/to/uploads && ls` return all files list. – yaroslavche Oct 14 '18 at 18:49
  • And if you adding an empty `index.html` - then request to `yoursite.com/uploads/` returned that empty index file =) – yaroslavche Oct 14 '18 at 18:51