disable directory and file browsing
 

I remove "Index" in my
/etc/apache2/sites-enabled/000-default file in order users not to be able to browse directories. I have sym link of a folder in
/var/www/test (test is the symlinked folder). If I write in the address bar of the browser
http://x.x.x.x/album/img_name.jgp I can see the picture, but I want contents not to be available.

Is that different from file browsing and how to disable it?

If you add an index.html file to the directory that just says "File browsing not allowed" then anyone trying to browser that directory will get that message rather than a file list.

Ok. My first post is not clear. I have a sym link folder test in which
if I disable contents I can't get image from my web application(say simply my site) and
if I enable contents everyone can type address of the image and view it.

I didn't remove index.html. I remove Index option in the file I gave in my previous post (/etc/apache2/sites-enabled/000-default)

I want to access image through my site and no one can view it from the browser by entering it's address.

Your posts are not clear, and your final wish makes it even more confusing.

"I want to access image through my site and no one can view it from the browser by entering it's address" --- eeh, how would somebody be able to view that image? since the website, load the image of using an internal call to the address. (img statement)


Anyway, maybe this is what you ask for:

make a .htaccess file, and put this inside:

Options -Indexes


This disables directory listing on the webserver, for the directory where .htaccess is placed.

I'm assuming if you want to disable the contents listing in one directory you may want to disable it in all of them without having to add the index.html/.htaccess files in each.

Your file and directory configuration is different, but in my '/etc/apache2/vhosts.d/default_vhost.include' file I have a <Directory ... tag with an Options keyword. Set a -Indexes in this and everything may be cleared up with the issue we think you're bringing up.

As for your configuration I believe the Options keyword will be somewhere in the config files within the <Directory> tag.

Either I don't understand your question, or you don't understand how the Internet works. If I understand correctly, you want it so nobody can do right click==>view image and save it from there. If so, how do you expect users to get it at all?

My posts are confusing because I am asking for option that I don't know it exists. I will try again.

I make a pesonal site with photos on my family and my friends, but I want everyone to login in order to see pictures. I have created start page, login page, image view page, etc. To be more clear I will give you the exact address
http://xx.xx.xxx.xx/kodeimage
This is the login screen. I have symlinked folder in /var/www/kodeimage/album
So, if you type
http://xx.xx.xxx.xx/kodeimage/album
you will see forbidden message. But if you know exact path of the image
http://xx.xx.xxx.xx/kodeimage/album/...a/dscn8735.jpg
you will see a beautiful image from the Rila mountain(2400m) Enjoy :)

What I want to do (if possible ofcourse) is when you type the path of the image the forbidden message to appear.

Thanks for your time and patience.

I would recommend using Apache mod_auth authentication. You would have to replace your current login, but it would work for you. You can restrict the directory contents from being displayed unless the user has already logged in. With mod_auth you would not have to keep track of user's sessions either, Apache/your browser would take care of all of this. Take a look at http://httpd.apache.org/docs/2.0/howto/auth.html if this is something that you would want to implement.

This is good solutions. As I understand this is the same as htaccess files. Thanks for the replies.