chriz777 Posted February 15, 2009 Posted February 15, 2009 Hi, I wanted to ask help from anybody who knows some info on the server. I want to make sure my directories are protected, and in particulary my "Images Folder" & "template folder" from anybody downloading it. For Example: Just like the /admin/ --and everything under it, is protected. How can I protect it from ppl from randomly accessing my files/folders... As I know that with some programs, you can pull down a whole site and my competitors / hackers can steal / clone my site, which I want to protect at all times... For info: I have an Virtual Private Server (VPS) and I made some user accounts with Cpanels. etc. Any help would be appriciated...
ricksteruk2005 Posted February 15, 2009 Posted February 15, 2009 to prevent someone from being able to download images from the folder, just make a blank file called index.html this will prevent them from seeing the files to download. I dont know of way to stop someone useing a script from downloading a entire site. I dont help with templates (thats what the seller is for) th search function will often help, when it dont try this in google. site:http://www.oscommerce.com/forums then your search word
FIMBLE Posted February 15, 2009 Posted February 15, 2009 Hi, I wanted to ask help from anybody who knows some info on the server. I want to make sure my directories are protected, and in particulary my "Images Folder" & "template folder" from anybody downloading it. For Example: Just like the /admin/ --and everything under it, is protected. How can I protect it from ppl from randomly accessing my files/folders... As I know that with some programs, you can pull down a whole site and my competitors / hackers can steal / clone my site, which I want to protect at all times... For info: I have an Virtual Private Server (VPS) and I made some user accounts with Cpanels. etc. Any help would be appriciated... You can use this also <?php // Written to let you know when someone // enters a directory they should not be in // for this to work you need to name this file index.php // there must be no other index page in the directory // if and when someone tries to gain your directory they will be // served a message and you will be e-mailed to let you know some has tried // GNU open source licence applies ?> <HTML> <HEAD> <title> 404 Error Page</title> </HEAD> <BODY> <p align="center"> <h1>Error 404</h1><br>Page Not Found <?php $ip = getenv ("REMOTE_ADDR"); $requri = getenv ("REQUEST_URI"); $servname = getenv ("SERVER_NAME"); $combine = $ip . " tried to load " . $servname . $requri; $httpref = getenv ("HTTP_REFERER"); $httpagent = getenv ("HTTP_USER_AGENT"); $today = date("D M j Y g:i:s a T"); //Change the message below to suit your needs $note = "You are not not welcome in this directory, store owners have been notified, your IP number has been recorded."; $message = "$today \n <br> $combine <br> \n User Agent = $httpagent \n <h2> $note </h2>\n <br> $httpref "; $message2 = "$today \n $combine \n User Agent = $httpagent \n $note \n $httpref "; $to = "[email protected]"; // Change to your e-mail address $subject = "yourdomain Error Page"; $from = "From: [email protected]\r\n"; //Change to your own e-mail address mail($to, $subject, $message2, $from); echo $message; ?> </BODY></HTML> save this as index.php make the necessary changes, then upload to the folder without an index. it will then mail you when someone attempts to access the folder. Nic Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
chriz777 Posted February 15, 2009 Author Posted February 15, 2009 You can use this also <?php // Written to let you know when someone // enters a directory they should not be in // for this to work you need to name this file index.php // there must be no other index page in the directory // if and when someone tries to gain your directory they will be // served a message and you will be e-mailed to let you know some has tried // GNU open source licence applies ?> <HTML> <HEAD> <title> 404 Error Page</title> </HEAD> <BODY> <p align="center"> <h1>Error 404</h1><br>Page Not Found <?php $ip = getenv ("REMOTE_ADDR"); $requri = getenv ("REQUEST_URI"); $servname = getenv ("SERVER_NAME"); $combine = $ip . " tried to load " . $servname . $requri; $httpref = getenv ("HTTP_REFERER"); $httpagent = getenv ("HTTP_USER_AGENT"); $today = date("D M j Y g:i:s a T"); //Change the message below to suit your needs $note = "You are not not welcome in this directory, store owners have been notified, your IP number has been recorded."; $message = "$today \n <br> $combine <br> \n User Agent = $httpagent \n <h2> $note </h2>\n <br> $httpref "; $message2 = "$today \n $combine \n User Agent = $httpagent \n $note \n $httpref "; $to = "[email protected]"; // Change to your e-mail address $subject = "yourdomain Error Page"; $from = "From: [email protected]\r\n"; //Change to your own e-mail address mail($to, $subject, $message2, $from); echo $message; ?> </BODY></HTML> save this as index.php make the necessary changes, then upload to the folder without an index. it will then mail you when someone attempts to access the folder. Nic Thanks Guys for the quick reply, I think what you've given me is very useful, however it still doesn't prevent an "hacker/competitor" to steal my hard work, files that I modded, modules etc etc... Lets say they use an computer program (I have used a few of these programs to mass download images from certain directories, an will use one to test it on my site) which such a program, all you do is point to the directory you want to download. So for instance, I just need to point to www.example.com/images/... and it will download all folders / subfolders and files in that directory. So in this sense they don't need to know the filename and or directories-names... A Close solution.... I know that in the Cpanel, you can password protect folder/files and everything that is in it... (subfolder, subfiles)... so when you try to access that directory/files (and sub), then you'll be promted with an password. For example So when I put a password protection on /images/... (sub)directories But the problem is that when you do that it will also keep asking for a password when the images files are suppose to show up. So in my example, I have webstore, I have product images and general images for the store, (which are located and pulled from the /images/... folder) because that folder is pw protected, it will promted for a password... so when viewing a product, it will ask for a password before the image can be displayed... So you see my dilemma?!?
FIMBLE Posted February 15, 2009 Posted February 15, 2009 turn on hotlinking, install a watermark add on Nic Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
ricksteruk2005 Posted February 15, 2009 Posted February 15, 2009 being perfectly honest, you will never stop anyone who is determined from stealing your pictures, i would not worry about modules etc because they are php the person would not be able to see the script (unless they have access to the server) all they would be able to see from a browser is the output. But without the script creating the output its useless. I would turn on hotlinking protection to save your bandwidth and to prevent someone linking directly to you images, other than that be flattered if someone wants to nick your pictures (it means they are quality and better than what they can do) I dont help with templates (thats what the seller is for) th search function will often help, when it dont try this in google. site:http://www.oscommerce.com/forums then your search word
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.