I see there is an .htaccess file inside but much more complex than in the first video tutorial. The deny from all line is only at the end in this context
- Code: Select all
deny from all
I throwed inside an empty index.php file to generate a 404 error instead the file listing. However a savy user can reconstruct files urls by watching the filename in the frontend and by knowing the location of protected files folder.
So I suspect that the .htaccess file is not doing the job it is supposed to do. Any idea?