Link to home
Start Free TrialLog in
Avatar of luckyinc
luckyinc

asked on

Directory Browsing Apache

Linux and Apache are greek to me and I am in a situation where i need to turn off directory browsing.

I read up on a few articles and I found the httpd.config file ant the .htaccess file

The problem with the site is that directory browsing is turned off for http:// BUT when the site is transfered to the secure port (https://), directory browsing is allowed for the secure site.  How do I turn this off?
Avatar of kiranhk
kiranhk

Avatar of luckyinc

ASKER

Well, I am not really looking to restrict access to the pages, I am just not wanting Directory Browsing to be on.  I also have the same site on Port 80 and port 443.
Look for lines similar to the following:

<Directory "/">
        Options Indexes FollowSymLinks
        Order allow,deny
        Allow from all
</Directory>

get rid of "Indexes"

<Directory "/">
        Options FollowSymLinks
        Order allow,deny
        Allow from all
</Directory>

You may need to find these lines in multiple locations if you're running multiple services (ie 80 and 443)

This is what is confusing me.  I opened the httpd.config file and I found several instances of <Directory>  I made some changes to this yesterday and It did not like my syntax.  I also wondered why it is directing to the cgi-bin directory.

<Directory "path/cgi-bin">
   AllowOverride None
   Order allow, deny
   Allow from all
</Directory>

Then

<VirtualHost :443>
   <Directory "/path/cgi-bin">
            SSLOptions +StdEnvVars
    </Directory>
</VirtualHost>


I found another

#Directories...
<Directory "/">
   Options FollowSysLinks
   AllowOverride None
</Directory>

<Directory "/var/www/html">
   Options Indexes Includes FollowSymLinks
   AllowOverride None
   Allow from all
   Order Deny, Allow
</Directory>

<Directory "/var/www/icons">
  Options Indexes Multiviews
  AllowOverride None
  Allow from all
  Order allow, deny
</Directory>

<Directory "/var/www/cgi-bin">
  Options ExecCGI
  AllowOverride None
  Allow from all
  Order allow, deny
</Directory>
If I want to eliminate directory browsing to all folders after "var/www/whatever/"  Do I need to create a directory entry for every folder name that goes after "var/www/whatever/foldername/"????
ASKER CERTIFIED SOLUTION
Avatar of philjones85
philjones85
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial