Setting up a Non-Web Accessible Root Folder
When setting up your shared hosting account, you are required to enter the primary domain name to be used for your website. The primary domain name serves as one of several unique identifiers for your site, and it is also the primary address visitors use to access your site's root content folder through a Web browser.
By default, this root folder is set as an application root and also set to allow anonymous access. These options cannot be changed directly. However, you can make your root folder non-web accessible using a false domain name. Keep in mind, false domain names cannot be secured with an SSL.
A domain name (real or false) is still required to act as one of your site's identifiers.
Note: This procedure applies to Deluxe and Unlimited Hosting accounts only. For more information, see What type of hosting account do I have?
To Set up a Non-Accessible Root Folder
- Change your hosting account's primary domain name to a false domain name. For more information, see Changing Your Hosting Account's Domain Name.
NOTE: Changes to the primary domain affect the availability of your site. Your site is not accessible until the remaining steps are completed. This change also requires the use of server IP address and not domain name to FTP. If you have an SSL certificate applied to your hosting account, you cannot change your primary hosted domain name.
- Add your real domain name as a secondary domain — make sure you use the hosting account's root as the domain name's Folder. For more information, see Adding Domain Names to Your Hosting Account.
After you update your account in this way, it is important to remember that the root folder of your site still allows access to anonymous users, but not through a Web browser. It is possible that your site may allow users to access files stored in these directories. If you would like folders to be more secure, create a new virtual directory off of the site root and restrict its access.