Directory browsing permission

Post Reply
pesquisa
Posts: 14
Joined: Wed Nov 07, 2001 8:12 am

Directory browsing permission

Post by pesquisa »

We have just installed Webinator 4.0 in our developing enviroment for a final evaluation, but we are having some difficulties regarding access permission to the several .html directories. When we start the walk process we get an access forbbiden 403 error in the .html root directory. We found that happens because we do not allow directory browsing in our website. We are using IIS 5.0 How can we solve this problem without allowing the directory browsing ?
Is there any additional configuration ?

Thanks in advance
User avatar
John
Site Admin
Posts: 2597
Joined: Mon Apr 24, 2000 3:18 pm
Location: Cleveland, OH
Contact:

Directory browsing permission

Post by John »

The Webinator should work the same as a user browsing the site with a browser, and will follow links. Are you trying to index documents that aren't linked into the site?
John Turnbull
Thunderstone Software
pesquisa
Posts: 14
Joined: Wed Nov 07, 2001 8:12 am

Directory browsing permission

Post by pesquisa »

No. All the documents are linked to the site. I´ve just unchecked the directory brownsing option in IIS5.0. If I type the URL without the default document filename I get the access forbbiden error and also Webinator cannot index the pages.
User avatar
mark
Site Admin
Posts: 5513
Joined: Tue Apr 25, 2000 6:56 pm

Directory browsing permission

Post by mark »

You should give to Webinator whatever you would tell someone is your home page. If someone with a browser can't get to it neither can Webinator.
pesquisa
Posts: 14
Joined: Wed Nov 07, 2001 8:12 am

Directory browsing permission

Post by pesquisa »

So, how can I prevent users to browse the directories of my website and to see all its contents structure ?
User avatar
mark
Site Admin
Posts: 5513
Joined: Tue Apr 25, 2000 6:56 pm

Directory browsing permission

Post by mark »

I'm not sure I understand the problem. What's a website for if not to browse. Anything Webinator indexes will be findable by anyone doing a search. Would you not also want them to be able to find the same data by surfing?

Here's Webinator's general philosophy:
You create a website layout that makes you and your users happy.
Then you use Webinator to index it and make it searchable.

If you want to do something else such as indexing unlinked pages Webinator allows you to specify each of the desired urls to index.
pesquisa
Posts: 14
Joined: Wed Nov 07, 2001 8:12 am

Directory browsing permission

Post by pesquisa »

Our directory structure does not have a default document in each of them, because this is a document library. If I do not have the default document, the user will see all the directory structure like the windows explorer, violating our website security. How can I prevent this behavior and let Webinator index all the contents. It would be very difficult to create, for example an default.html page in each directory, because we have more than 1000 subdirectories. The user enters this directories by searching.
ZackDude
Posts: 6
Joined: Sat Sep 08, 2001 4:28 pm

Directory browsing permission

Post by ZackDude »

A simple approach might be:
Take site offline for a brief time.
Turn on directory browsing and run the walker.
After new index is built, turn off directory browsing.
Open up site again.
User avatar
mark
Site Admin
Posts: 5513
Joined: Tue Apr 25, 2000 6:56 pm

Directory browsing permission

Post by mark »

There's no security violation. If a user can find a document by searching there's no reason they should not be able to find it by surfing. Directory indexing only opens your web document directories to viewing, not your whole disk.
Post Reply