Hide a directory from the site in Dev tools

Question

Hide a directory from the site in Dev tools

Asked 6 years, 5 months ago

Viewed 58 times

-1

I made a site a short time ago and realized that it is possible to see some site directories in Google Chrome Developer Tools (I have not tested this tool in other browsers). And I was a little worried about this because a security tip is always trying to put different names in the directory that manages the content of the site, but with this feature of Dev Tools is useless this security tip. I noticed that other more advanced sites does not show the content management directory.

Is there any script or way I can hide the directory from my system?

It does not display the complete directory, if a directory has the A, B and C files and the page loads only A and C, it will list A and C within that directory. As far as I know what you do a lot is to serve your site through CDN that reflects your files and some have some security features to protect the server

– Rômulo Gabriel Rodrigues

2018/01/19 at 13:05
@Romulogabrielrodrigues Do you have any link where I can learn more about this CDN that you mentioned?

– HERO GAMER OFICIAL

2018/01/19 at 13:22
1

This is not a tip, it’s a scam: "a security tip is always trying to put different names in the directory that manages the content of the site" - Either you protect the directory, or you put off the site root if it is not something to be accessed directly.

– Bacco

2018/01/19 at 13:59

1 answer

Browser other questions tagged javascript

You are not signed in. Login or sign up in order to post.

by Leandro Angelo • **9,330** points · Answer 1 · 2018-01-19T13:38:04+00:00

This is because you are serving resources to the site that are located within your administrative directory sistema/class/uploads.

It may even be correct that the upload is done inside this directory that only it has write permission.

But to consume these resources you can use a "CDN" solution, as suggested in the comments. The simplest changes would be: create a subdomain pointing to this path or map a virtual directory out of the directory sistema

Another detail is that the recommendation is not only to hide the administrative directory of the site, it in fact should not even exist.

It should be a different and isolated application without directly sharing the same client environment. Which in turn should not directly access the database and share as little as possible of the business objects.