Title: Image folder security Last modified: August 18, 2016 --- # Image folder security * [guero](https://wordpress.org/support/users/guero/) * (@guero) * [21 years ago](https://wordpress.org/support/topic/image-folder-security/) * Hi * I have WP 1.5 installed and have some questions about the security of my image folder(s). How can I avoid anyone being able to take a look at my image folder simply by typing in a URL (or any other way)? Lets say my site is at [http://www.mysite.com](http://www.mysite.com) and my image are at [http://www.mysite.com/myimages](http://www.mysite.com/myimages). Anyone can then go that URL and see a directory of my images and download them. * How can I avoid this? Is there a way to CHMOD the image folder to a certain settings to allow me, the administrator, to upload and play around with them but prohibit access to others? Any other security settings recommended? How do all of you protect your images folders? * Thankful for any input * Guerito Viewing 4 replies - 1 through 4 (of 4 total) * [Mark (podz)](https://wordpress.org/support/users/podz/) * (@podz) * [21 years ago](https://wordpress.org/support/topic/image-folder-security/#post-197126) * Write “Tut tut…..no peeking” into Notepad Save as “index.html” Upload into image folder. * [whooami](https://wordpress.org/support/users/whooami/) * (@whooami) * [21 years ago](https://wordpress.org/support/topic/image-folder-security/#post-197127) * put a blank index.html inside the directory, that will solve it * Thread Starter [guero](https://wordpress.org/support/users/guero/) * (@guero) * [21 years ago](https://wordpress.org/support/topic/image-folder-security/#post-197129) * Thanks for the extremely quick replies guys. I searched the forums and the codex but couldn’t find the answer. I assume of course that I will still have normal access myself through the ftp or by being logged into my WP site? * Silly question but how come this solution works? * Guerito * [whooami](https://wordpress.org/support/users/whooami/) * (@whooami) * [21 years ago](https://wordpress.org/support/topic/image-folder-security/#post-197136) * because Apache is magic 🙂 * index.html is your default DirectoryIndex file.. if theres one in a folder, apache is gonna send it to the browser. index.php will work also, in your case btw. * I cannot and will not speak for how IIS handles it.. but for Apache, the technical and rather short (given Apache’s lack of brevity) explanation is here: [http://httpd.apache.org/docs/mod/mod_dir.html](http://httpd.apache.org/docs/mod/mod_dir.html) * and for your other questions.. yes yes and yes. ALL this does is send a page to a browser. No more directory traversal peek-a-boo’ers. Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Image folder security’ is closed to new replies. ## Tags * [folder](https://wordpress.org/support/topic-tag/folder/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 4 replies * 3 participants * Last reply from: [whooami](https://wordpress.org/support/users/whooami/) * Last activity: [21 years ago](https://wordpress.org/support/topic/image-folder-security/#post-197136) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics