Every sub directory inside the directories ‘application’ and ‘system’ in my codeingiter web application has an index.html file. Inside this HTML file there is what looks to be a standard error message. It contains this code:
<html>
<head>
<title>403 Forbidden</title>
</head>
<body>
<p>Directory access is forbidden.</p>
</body>
</html>
I assume these are created so that if anyone tried to visit a directory inside either ‘application’ or ‘system’ it wouldn’t list all the files, but would instead show an error.
These seem redundant though as I have added an .htaccess in each directory to deny all access. Every PHP file in those two directories also has the first line:
if ( ! defined('BASEPATH')) exit('No direct script access allowed');
Which should mean that no one can view any of those files at all (as I am protected once by the .htaccess and once by that line of PHP).
Therefore my question is – in the interest of keeping my web application organised and clutter free, can I safely remove these index.html files? Will this cause any bad side effects to my codeigniter web application?
Thanks in advance
Yes, you can remove them.
but even if you have proper rights in place, you should have them there. as they are there on only purpose, in case, you forgot to implement proper directory browsing rights