I don't know if any of you know much about Apache, but I recently started using it and had a question regarding user restrictions.

Okay, I get that I can use .htaccess to password protect a directory recursivly, but what I want to know, is if I can use it to restrict just the ability to display indexes. I don't mean a single file called "index.html or .php" or anything like that, I mean apache's indexing abilities that list files and folders in a directory and allow you to browse through them.

I have it setup now so that the directory is inaccessable unless you have a password. This goes for any links into it and actually visiting it. What I want, is for it to protected from being viewed, unless you have a password, but still accessable through external links. Basically, the files won't be protected, just the ability to index it.

Any suggestions?

In your virtual server's settings.. in "Directory Indexing" options.. there's a textbox for you to list files for indexing to IGNORE...

Add *.* to that list and all files will be ignored in the directory indexing for that virtual server. (It'll look like all directories are empty to the end-user)

I'm sure there are better ways but this quick-fix worked for me.

Peace!!

This effectivly turns indeing off though, if I wanted to do that, I could just delete the word "indexes" in the <directory> areas, I want to just restrict access to the capability, like, require a password using .htaccess before a user can view it.

Thanks for the input though, that's a much cleaner looking way of turning off indexes than just deleting "indexes," as it doesn't leave the Access Denied page, but a blank one instead.