Title: acceess to folder Last modified: August 31, 2016 --- # acceess to folder * [wealthy](https://wordpress.org/support/users/wealthy/) * (@wealthy) * [10 years, 2 months ago](https://wordpress.org/support/topic/acceess-to-folder/) * How can I give access to one folder within my site. * I have uploaded a file I would like someone to be able to download, but when I go to that folder I get a 404 access error. * If I disable iThemes Security I get access. * How can I give access please * [https://wordpress.org/plugins/better-wp-security/](https://wordpress.org/plugins/better-wp-security/) Viewing 14 replies - 1 through 14 (of 14 total) * Thread Starter [wealthy](https://wordpress.org/support/users/wealthy/) * (@wealthy) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164330) * Does no answer mean there is NO support for this plugin??? * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164331) * [@pete](https://wordpress.org/support/users/pete/) * According to the FAQ section in the readme.txt: * > = Where can I get help if something goes wrong? = > * Official support for > this plugin is available for [iThemes Security Pro](http://ithemes.com/security/) > customers. Our team of experts is ready to help. > Free support may be available with the help of the community in the [WordPress.org support forums](http://wordpress.org/support/plugin/ithemes-security)( > Note: this is community-provided support. **iThemes does not monitor the WordPress. > org support forums**). * dwinden * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164332) * [@pete](https://wordpress.org/support/users/pete/) * Have you tried accessing the file directly instead of the folder ? * For example. Let’s say you saved an image named test.jpg in the wp-content/uploads/ 2016/03 folder. * Try and access the file directly like this: * [http://www.domain.com/wp-content/uploads/2016/03/test.jpg](http://www.domain.com/wp-content/uploads/2016/03/test.jpg) * Let me know if you specifically need access to the folder to browse its content. * dwinden * Thread Starter [wealthy](https://wordpress.org/support/users/wealthy/) * (@wealthy) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164333) * yes i have and i get blocked. Have to turn off ITS to get the file * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164336) * [@pete](https://wordpress.org/support/users/pete/) * You mean deactivate the iTSec plugin (=turn off ITS). * Direct file access works fine in my test env. When I try to access the folder I get: * Forbidden * You don’t have permission to access /wp-content/uploads/2016/03/ on this server * Which is a 403 status code and not a 404 (page not found). Seems like we are missing a piece of the puzzle. * Anyway there is only one iTSec plugin setting that may be related. If enabled try and disable the **Directory Browsing** setting in the System Tweaks section of the iTsec plugin Settings page. * dwinden * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164338) * [@pete](https://wordpress.org/support/users/pete/) * Correction. There is another iTSec plugin setting that seems to have an unexpected side effect. * If you also have the **Disable PHP in Uploads** setting enabled try and disable it. * After disabling both (System Tweaks section) settings I was able to access and browse the folder. No more 403. * dwinden * Thread Starter [wealthy](https://wordpress.org/support/users/wealthy/) * (@wealthy) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164340) * Yes I disabled the whole plugin. But have found that if I untick the Disable Directory Browsing then I can see the particular directory I am wanting to see. However I can see EVERY other directory ( that doesnt have an index.php file) also which I dont want.. * There must be a way to allow one directory to be viewed via a URL link. * I guess if ITS dont want to help out in here then I am stuck or looking at another plugin that will allow me to do the job * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164341) * [@pete](https://wordpress.org/support/users/pete/) * > Yes I disabled the whole plugin. > But have found that if I untick the Disable > Directory Browsing then I can see the particular directory I am wanting to > see. However I can see EVERY other directory ( that doesnt have an index.php > file) also which I dont want.. * Ok, so unticking the iTSec plugin **Disable Directory Browsing** setting turns out to be the answer to the question you initially opened this topic for. Right? So that answer/solution warrants this topic to be marked as ‘resolved’. Right? * However when the **Disable Directory Browsing** setting is unticked you can see EVERY other directory ( that doesnt have an index.php file) also (which I think is another issue). * Apparently your Apache web server main configuration file includes by default: * > Options Indexes * Which is weird because it is not a secure thing to do. Anyway this has nothing to do with the iTSec plugin. * To get what you want you’ll probably need to: * – Enable the iTSec plugin **Disable Directory Browsing** setting. – And manually create a .htaccess file in the single folder you want to give access to and include the following line: * > Options +Indexes * I tested the above and it works fine. * > I guess if ITS dont want to help out in here then I am stuck or looking at > another plugin that will allow me to do the job * iThemes could not care less … (Note I’m not an iThemes employee …) According to the FAQ section in the plugin readme.txt file: * > = Where can I get help if something goes wrong? = > * Official support for > this plugin is available for [iThemes Security Pro](http://ithemes.com/security/) > customers. Our team of experts is ready to help. > Free support may be available with the help of the community in the [WordPress.org support forums](http://wordpress.org/support/plugin/ithemes-security)( > Note: this is community-provided support. **iThemes does not monitor the WordPress. > org support forums**). * So if you don’t mind please mark this (and the other older) topic as ‘resolved’. * dwinden * Thread Starter [wealthy](https://wordpress.org/support/users/wealthy/) * (@wealthy) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164344) * no it is NOT solved. * The first line in my first post says * “How can I give access to one folder within my site.” * thats ONE directory… * If I tick the tick out of Disable Directory Browsing then every folder that does not automatically have a index.php file in it can be viewed * I guessed your not an employee of ITS, but to tell me to make this resolved when it isnt, sure sounds like you are trying to make ITS look good because all the posts are marked as Resolved… * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164345) * [@pete](https://wordpress.org/support/users/pete/) * And the other topic ? * I tested my solution and it works in my test env … Anyway it not an iTSec plugin issue but a standard web server access configuration issue. I think I’ve been pretty helpful pointing out the iTSec plugin settings that you should be aware of. * > If I tick the tick out of Disable Directory Browsing then every folder that > does not automatically have a index.php file in it can be viewed * You need to tick the **Disable Directory Browsing** setting. Not untick. I guess we are both not good readers … 😉 * Ok, so according to you I’m trying to make the iTSec plugin look good … Well actually the iTSec plugin is crap. It does NOT protect your website. I would NEVER EVER use it on a live website … and iThemes sucks. So how does that sound? * dwinden * Thread Starter [wealthy](https://wordpress.org/support/users/wealthy/) * (@wealthy) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164346) * I made 1 mistake in my wording * If I TAKE the tick out of Disable Directory Browsing then every folder that does not automatically have a index.php file in it can be viewed * So as far as I see. using ITS to protect my site works, ( somewhat) but I should be able to make 1 small change and give access to ONE folder. But no. * ITS locks it ALL down or leaves it ALL open.. * For someone who doesnt like ITS, you sure spend a lot of time trying to solve a lot of ITS errors. * Anyway ITS is lacking and Staff dont care So thats it for me.. * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164347) * [@pete](https://wordpress.org/support/users/pete/) * > So as far as I see. using ITS to protect my site works, ( somewhat) but I > should be able to make 1 small change and give access to ONE folder. But no. * Yes, you can. But don’t look for a solution in the iTSec plugin. You’ve learned which 2 iTSec plugin settings affect file/folder access and now you only need to shift your attention towards webserver config. Using an extra .htaccess file with proper content in the folder you want to give access to should do the trick. * If you can’t get it to work on your hosting env don’t give up and contact your hosting provider. If they can’t assist you with such a basic web server task look out for a different hosting provider. * Oh and spending some of my time in this forum helps me learn new things. It doesn’t necessarily mean I like the plugin in its current form … * That said this security plugin does seem to have some potential. It just needs some extra effort to iron out a shit load of bugs … * Don’t forget about the other topic … 😉 * dwinden * Thread Starter [wealthy](https://wordpress.org/support/users/wealthy/) * (@wealthy) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164348) * What Topic??? * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164349) * [This](https://wordpress.org/support/topic/errors-in-header-of-site) one. * It only got updated 6 times last week … you did not notice ? * dwinden Viewing 14 replies - 1 through 14 (of 14 total) The topic ‘acceess to folder’ is closed to new replies. * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=3529351) * [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/) * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq) * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/) * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/) * 14 replies * 2 participants * Last reply from: [dwinden](https://wordpress.org/support/users/dwinden/) * Last activity: [10 years, 1 month ago](https://wordpress.org/support/topic/acceess-to-folder/#post-7164349) * Status: not resolved