security recommendations question

[DrByte]

Since it's already blocking you from getting in there, you don't need the index.html in there.

[member]

Is it ok to do so, that way people would not feel the need to try to get into these directories?

[DrByte]

Is it ok to do so, that way people would not feel the need to try to get into these directories?

I'm not sure I understand your question.

[member]

Usually if the page is not found, people get my homepage.

I assume they would just get a blank page if I had the index.html in those folders, or better yet my homepage (not sure which).

I would think that having a forbidden message would just give hackers the incentive to try to try to hack the directories.

I am basically asking if adding index.html into those directories would break anything.

Thanks for replying so quickly!

[DrByte]

It won't harm anything to add the index.html file to those folders. But, since the .htaccess in some of them completely prohibits access, doing so may be moot, and won't stop the "forbidden" messages.

While I understand your logic, it's also important to note that unless a hacker is absolutely convinced that there's a pot of gold inside worth spending time about, they're gonna move on to another place whose gates aren't so tightly locked. It's not worth their while to stay.

[member]

Thanks for letting me know. You are right, not much to gain from hacking into it. I just wanted to make sure about what was the best to do. I appreciate your taking the time to help.