...

I don't think I am completely following you with saying using indexes are a security risk and are not allowed. I used index files all over my file structure to ensure prying eyes are directed to a blank page instead of publicly being able to view my directory in their browsers..

Now I seen you mention that you have dynamically created directories. This would mean that a script you run or cron job creates new directories. And I am guessing that when you're new directory is created it lacks a index.html file being created to stop people from directory browsing.

Ok well if those statements are true then either you would have to program into the script to create an index.html file along with the new dynamic directory or use htaccess commands. You would need to use such commands that would still allow users to grab the files they need from that directory but at the same time not be prompted for a password while doing it.. Hopefully I am not way off base here with that assumption.

Here is an example of .htaccess file that for example allows files to be downloaded from the folder but does not allow anyone to browse the actual directory itself.

/download/.htaccess

I would imagine you would want something like that in the directory that comes directly before the dynamically created ones in your file structure. This type of code may require user sessions though as I am unsure.. It would be worth experimenting with see if you can accomplish what you are looking for. But for example if this .htaccess file is located in root/download/.htaccess I would still be able to download items from the download folder but if I typed root-domain/download/ into my browser it would not allow access so that users can not see all the download files via directory browsing.. Sorry if I did not understand you correctly but this is what I use to accomplish what I think your saying.

Thanks, that unfortunately blocked all access to the files, so I found this:

IndexIgnore *


An index page still gets displayed, but atleast there are no files displayed in it .

I don't quite understand. Do you mean that if you don't put an index, someone browsing www.yourwebsite.com/images would be able to see all your image files or something like that?

Correct drummerboy.

Ooh, I would like to read learn more about it. What are the keywords that I can use to search about these in the search engines?

Apache, Indexes, Options

You could set permissions to 711 (CHMOD) on the folder. That should prevent directory indexing/listing, as well as files inside the folder still are accessable.

You're currently talking about search engines right? We're talking about humans doing/viewing it.

No, I'm talking about humans. E.g. you have a directory yourdomain.com/images/ and don't want people to view the content of this folder through a browser, but still be able to link to files inside it. Isn't that what you were talking about?

That is what I am talking about correct. Humans it is.

Then just set the permissions at the same time you create the directory.

That means even search engines wouldn't be able to index(see) it right? Is that good or bad? Besides that, I've also seen some websites when you try to access www.yourwebsite.com/images , it'll automatically direct you to their main homepage. Do you know how they do that?

Is there any reason you don't just put an empty HTML file in it naming index.htm ?

That way you just get a plain white page.

You could use a redirection and have links on page then redirect person to what ever page you want.