Blueimp File Upload : How not to list files in subfolders?

Question

For each user I create a main folder we call User . In this folder, you've got all files the user has uploaded (and the auto-created subfolder called thumbnails ). On the backoffice side, I want to upload quotes and invoices in separates folders we'll call quotes and invoices .

Here is the tree :

User
 |_ file_01.jpg
 |_ file_02.jpg
 |_ file_03.jpg
 |_ file_04.jpg
 |_ thumbnails
 |   |_ file_01.jpg
 |   |_ file_02.jpg
 |   |_ file_03.jpg
 |   |_ file_04.jpg
 |
 |_ quotes
 |   |_ myquote.pdf
 |
 |_ invoices
     |_ myinvoice.pdf

I want to hide files contained in folders quotes and invoices (that are automatically created by blueimp script) without an .htaccess file, each time I want to list the User folder content through blueimp script.

Is there an option in blueimp which could enable/disable listing of subfolders files for instance ?

That makes sense ?

Answer 1

You can do this with a single .htaccess file to deny access from just the two directories (quotes and invoices).

This means 1 .htaccess file in the directory User .

RewriteRule ^(quotes/|invoices/) - [F,L,NC]

• F - Using the [F] flag causes the server to return a 403 Forbidden status code to the client. While the same behavior can be accomplished using the Deny directive, this allows more flexibility in assigning a Forbidden status.

• L - The [L] flag causes mod_rewrite to stop processing the rule set. In most contexts, this means that if the rule matches, no further rules will be processed.

• NC - Use of the [NC] flag causes the RewriteRule to be matched in a case-insensitive manner

See the Apache documentation: http://httpd.apache.org/docs/2.4/rewrite/flags.html

^{Footnote: If you want them hidden, then you could have an index.html file in your User directory and return a 403 (?) - or move the directories you want to hide out of the web root.}