I am running Apache 2.2.20 on a Ubuntu 11.04 web server. I have a Joomla site running on it, but I have also added some custom content. In the main web directly I have added a folder /images/sub_folder
and in this sub_folder
I have put a bunch of pictures. I do not want anyone to be able to simply access these pictures directly from the web, so I made a .htaccess
file in that sub_folder
and just put the following line in it:
deny from all
There doesn't seem to be any effect, I can still access the images directly from a web browser. I have restarted the Apache service. What am I doing wrong?
Thanks
Tim
Best Answer
At your apache configuration deny the entry for the directory, something like this:
If you want to ask for a login password to access to the folder from web uou need to create an .htaccess in the folder you want to protect, and a password file for the user that will be able to log in, but have to change from your apache config to Allow from All and something at your .htacces like this
and use a site like this to create your encrypted password, same format that your apache uses
http://www.edwinbush.com/my-tools-page/htpasswd-content-generator/
And thats it, now that when you need to enter to the folder a promp will show and ask you for the user and password. Might need to restart apache