Features / Usability

Features / Usability

Re: Security Question - Files in Site Root Visible

posts: 289 United States

I think the easiest thing to do would be to create a new index.php page that redirects to the tiki login page. Curiously, I already had one by default, so have you been deleting files, or is your Tiki not in the root of your site? The code below is borrowed from the index.php file that is found in the whelp directory, but the principle should still hold.

index.php from Whelp DIR
< php

// $Id: /cvsroot/tikiwiki/tiki/whelp/index.php,v 1.5 2007-03-06 19:30:46 sylvieg Exp $

// Copyright (c) 2002-2007, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.

// This redirects to the sites root to prevent directory browsing

header ("location: /index.php");


^NOTE: I had to take out the question marks either side of the open and closing angle brackets otherwise the code won't display properly.

Assuming that your Tiki install is not in the root path of your website, you need to make sure that you change the "" to put the correct path of where to find it. If it is, then I don't know what's happened by try putting a single "." (period, full stop) before "/index.php". The index.php file that resides in the root of my Tiki is slightly different:


Perhaps you could try this instead of the other code.