restricting access to folders on server

i am using apache server and presently when i try accessing any folders of my website i am able to

browse the files ex = www.website.com/images which is a serious security risk as i am building a

forum website using php and mysql.

in the root directory i have created a .htaccess file and whenever someone access a file which is not

on the server i have created a user friendly message that the file does not exist instead of a 404

error message displayed by the browser.

similar to this how can i go about restricting users to browse all my folders in the toot directory.

if anyone accesses for ex = www.website.com/phpscripts an alert should appear asking them to enter a

username and password.

1. how can i do this using apache.
2. where do i write the username and password information and will this apply to all the folders in

the root directory or specific directories.

please advice.

thanks.

re: restricting access to folders on server

You also do this using .htaccess: .these files (or "distributed configuration files") provide a way to make configuration changes on a per-directory basis.

See for a tutorial on implementing this the Apache website at Apache tutorial: htaccess

Ronald

re: restricting access to folders on server

Another easy way is to make an index.php file in that particular folder with the following code.[php]<?php
header("Location:http://www.sitename.com/restricted.php");
?>[/php]