Hey guys, I'm trying to help my buddy with his site. He has directories like ex: "www.blah.com/images" a person snooping around can easily get into his image directory and browse. How can he lock that or what not?

Something I found via google

You can control your directory browsing function via
.htaccess files.
Just create a text file called "htaccess.txt" in a text
editor. Then copy the following line into your htaccess.txt
file:

Options -Indexes
Save the file and upload it to the remote directory you want
to turn off directory browsing in. Once you have uploaded
the htaccess.txt file, rename it name to be ".htaccess".
You have now turned off directory browsing.

Just tried it on my site, works great. If you want to disable it for the entire website, just put the file on the root of your server (public_html or httpdocs, etc)

Simpler solution: just upload a file called "index.html" and it can be blank.

learn about "chmod (http://www.google.com/search?q=chmod&sourceid=mozilla-search&start=0&start=0&ie=utf-8&oe=utf-8&client=firefox-a&rls=org.mozilla:en-US:official)"

ITR, this is off topic, but you have the best avitar EVER

Simpler solution: just upload a file called "index.html" and it can be blank.
while a normal user may be thrown off by this, its easy to get around if you know what your doing. Htaccess is a good way to restrict users from viewing a specific directory. I would write out a tutorial, but Im lazy... this is a solid short tutorial that tells you everything you need to know. Check in the control panel of your website, they usually have directory protection built in. If not:
http://www.modwest.com/help/kb1-32.html

while a normal user may be thrown off by this, its easy to get around if you know what your doing. Htaccess is a good way to restrict users from viewing a specific directory. I would write out a tutorial, but Im lazy... this is a solid short tutorial that tells you everything you need to know. Check in the control panel of your website, they usually have directory protection built in. If not:
http://www.modwest.com/help/kb1-32.html

What he said.
Log into your Cpanel and PW protect the Directory. It's the only safe way really.

there might also be an option, depending on your host, that will allow you to index directories.
turn that off...if it's on.