Stop file peeking

Mixed forum with code snippets, guides and styles
Forum rules
Everything in this forum is for everybody
But support only for Donators!
Post Reply
User avatar
Stoker
Site Admin
Site Admin
Posts: 3540
Joined: 12 May 2008, 23:26
BBCodes: 239
Favourite BBCode: Anipro
Favourite MOD: PrettyPhoto
Location: Denmark
Contact:

Stop file peeking

Post by Stoker »

Stop file peeking

Author: thecoalman for Stoker
Description: This guide will prevent direct file peeking. Normally people can watch your files by typing the direct address in the browser.
Html example: styles/prosilver/template/overall_header.html
CSS example: styles/prosilver/theme/colours.css

As You can see this gives direct access to the source code.
We will have to do something about that. We cant hide all the code, but we can hide some and also make it clear that we dont like people peeking our files.
If they try to access your files they will get a HTTP Error 403 - Forbidden

Demo: This site. Try accessing these files:
Html example: styles/prosilver/template/overall_header.html
CSS example: styles/prosilver/theme/colours.css (not active)

Installation instructions: You have to create a .htaccess file for each template and theme where you will use this.

Template:
Create this .htaccess file with notepad and upload it to the template folder:

Code: Select all

<Files *.html>
   Order Allow,Deny
   Deny from All
</Files>
Theme:
Create this .htaccess file with notepad and upload it to the theme folder:

Code: Select all

<Files *.css>
   Order Allow,Deny
   Deny from All
</Files>

Read this!
You may experience some problems using the css part.
What I am using here is a .htaccess file placed in the styles folder with this content:

Code: Select all

<FilesMatch "\.(cfg|html)$">
Order Allow,Deny
Deny from All
</FilesMatch>
Board rules! No PM support
Post Reply