user3542450 user3542450 - 3 months ago 14
Apache Configuration Question

How to restrict user from accessing directory but not the files which are inside it

I have one html file which include images which are uploaded on server. I include them in this way . Lets say the path of files are Images/img1.jpg, Images/module1/img1.jpg and these are relative paths. and If I go to my browser and type "domain.com/Images/img1.jpg" and "domain.com/Images/modul1/img1.jpg" these files should be accessible. But when I type "domain.com/Images/" or "domain.com/Images/module1" the they should not be accessible. It should show me access denied in these cases.

Answer

Since what you seem to describe is to avoid Directory Listing in apache, you just have to set the directory like this:

<Directory /full/path/to/Images>
    Options -Indexes
    Require all granted
</Directory>

Additionally you could add a welcome page for those directories with DirectoryIndex index.html

This configuration will propagate in all subdirectories so you do not need to define them in all subdirectories one by one, so unless you already have a configurating for a subdirectory overriding this one, this one will apply further down in the directory tree.

Note: If you are using 2.2 you should use "Allow from all" instead of "Require all granted"