Unrestricted Access to Subfolders

From OpenFSG

There is a problem in the FSG that allows the subfolders of a protected web page to be accessed by anybody.

The subfolders of a folder protected by a password are not protected at all and you can browse them freely from the web.

Repeating the Problem

Set up a web page alias called "Pictures" with a path of "/My pictures/" (the slash at the end indicates you want it as a protected folder)
Now you have to input a user name and a password to gain access to its content (a HTML page showing thumbnails).
But if you go directly to a subfolder, e.g. using the following URL: mywebsite.com/Pictures/BlackNWhite, you can enter the subfolder freely and see its content without restriction.

Work Arounds

Simple

Not the most secure method, but you can create a index.html file in each sub direcotry that redirects the user back to the main Folder that is password protected.

Retrieved from "http://www.openfsg.com/index.php/Unrestricted_Access_to_Subfolders"

Category: FSG Issues

Unrestricted Access to Subfolders

From OpenFSG

Repeating the Problem

Work Arounds

Simple

Views

Personal tools

Navigation

Search

Toolbox