Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

CodeIgniter: Is it safe to delete index.html from all folders?

I'm new to CodeIgniter. I notice that all CodeIgniter folders (cache, config, controllers, core, errors, etc...) contains an index.html file that basically says "Directory access is forbidden". Correct me if I'm wrong, but I don't think it is possible to get to any of these folders from the web based on CodeIgniter's default configuration.

What is the purpose of these index.html files? Can I just delete them, or do I leave them alone?

Thanks much.

like image 520
limc Avatar asked Jun 16 '11 14:06

limc


3 Answers

The purpose of them is to prevent the contents of the directory from displaying if directory listing is enabled on your server. Apache servers by default have directory listing enabled.

There are several instances where given the right circumstances you might be able to attempt to browse to a folder directly. These would mainly be caused by a server which is not configured properly, or an exploit. Therefore it is really best if you just leave the index.html files alone (they aren't hurting anything, and they don't take up that much space).

I'd even go as far as to suggest that you too add an index.html file to any and all folders which you create.

like image 160
tplaner Avatar answered Oct 29 '22 03:10

tplaner


They are there for fail-safes, ie. if for some reason the directory structure would get to be publicly browsable.

I can't see any reason to remove them.

like image 30
geekuality Avatar answered Oct 29 '22 03:10

geekuality


If your codeigniter installation (system and app folders) is outside of your public server directory, then they're not going to help with anything since they could never be served. In that case, it doesn't matter whether they exist or not, since you could never get to their directories anyway.

like image 29
Matthew Avatar answered Oct 29 '22 02:10

Matthew