Any way to prevent crawler indexing of files in a dir?

You can just stick a robots.txt in your topmost file directory with the desired command.

You can’t stop the world from accessing your files if they have a direct link, in the same way that robots.txt doesn’t stop crawlers from accessing and indexing your public directories.

As I understand it, this is a very nice plugin but it can’t provide security for your files by denying access to anyone/anybot who has the path. It does a lot, but not that.

robots.txt:

User-agent: *
Disallow: /

You can also disable directory indexing in your .htaccess:

Options -Indexes

And if you have encryption or stats enabled in file away, and don’t want to be showing thumbnails or using the FlightBox, you can add a deny from all to an .htaccess in your file directories.

Talk to your webhost.

Boom. Thanks, Thom for your super-fast and non-judgemental response to my snotty remarks above – other readers should disregard my remark above, or at least read Thom’s response in context with it. He’s right, it works, and I learned something today.

You can see the public files on my site at https://sptr.net under the resources menu. If you’re not a member, you can’t see the private stuff, which is what I wanted.

Top plugin, top bloke.

Not a problem! Thanks for the review.

Peace

1. So what exactly would I need to add in my htaccess to make sure nobody except logged in poeple could view?

2. Does that (.htaccess) need to reside in the root of the directories?

3. Anything I MUST do with fileaway to secure the files? Like encryption etc.. I dont use flightbox, just links to pdf files.

BTW.. Mega props to Thom. He’s always responded quick and VERY helpful! ??

I think I have the same requirements as you do @carsononline. What I have in my .htaccess is:

Deny from all

I have three separate folders within the root/wordpress folder for three sets of files. Each of these folders contains that .htaccess file. Nothing in these folders or their subfolders can be accessed directly through a browser, even if you know the path to the file. All are accessible and downloadable via Thom’s brilliant plugin.

Hope that’s helpful.

I tried the Deny from all, and you can see the files, but in chrome I get “download failed – forbidden” hmm..

This is the last step I need to make this work. Any ideas?

Deny from all will prevent ordinary downloads from working. If you enable stats or encryption, it will work. But deny from all in your .htaccess is not what you want to prevent crawlers. You want a robots.txt for that

I enabled encryption and it works perfect. Now, just to make sure..

My setup =

Clients
—-client1
—-client2
—-client3

Does the htaccess file (with deny from all) go in the root of the clients folder or have to be in each clients folders (client1, 2 and 3)?

Want to prevent crawlers from getting the contents of the files or even directory names.

I will create the robots file.

Also, does the robots goes in the “clients” folder, correct?