luckyinc
asked on
Directory Browsing Apache
Linux and Apache are greek to me and I am in a situation where i need to turn off directory browsing.
I read up on a few articles and I found the httpd.config file ant the .htaccess file
The problem with the site is that directory browsing is turned off for http:// BUT when the site is transfered to the secure port (https://), directory browsing is allowed for the secure site. How do I turn this off?
I read up on a few articles and I found the httpd.config file ant the .htaccess file
The problem with the site is that directory browsing is turned off for http:// BUT when the site is transfered to the secure port (https://), directory browsing is allowed for the secure site. How do I turn this off?
http://www.abdn.ac.uk/diss/webpack/factsheet20.shtml#section20.2
ASKER
Well, I am not really looking to restrict access to the pages, I am just not wanting Directory Browsing to be on. I also have the same site on Port 80 and port 443.
Look for lines similar to the following:
<Directory "/">
Options Indexes FollowSymLinks
Order allow,deny
Allow from all
</Directory>
get rid of "Indexes"
<Directory "/">
Options FollowSymLinks
Order allow,deny
Allow from all
</Directory>
You may need to find these lines in multiple locations if you're running multiple services (ie 80 and 443)
<Directory "/">
Options Indexes FollowSymLinks
Order allow,deny
Allow from all
</Directory>
get rid of "Indexes"
<Directory "/">
Options FollowSymLinks
Order allow,deny
Allow from all
</Directory>
You may need to find these lines in multiple locations if you're running multiple services (ie 80 and 443)
ASKER
This is what is confusing me. I opened the httpd.config file and I found several instances of <Directory> I made some changes to this yesterday and It did not like my syntax. I also wondered why it is directing to the cgi-bin directory.
<Directory "path/cgi-bin">
AllowOverride None
Order allow, deny
Allow from all
</Directory>
Then
<VirtualHost :443>
<Directory "/path/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
I found another
#Directories...
<Directory "/">
Options FollowSysLinks
AllowOverride None
</Directory>
<Directory "/var/www/html">
Options Indexes Includes FollowSymLinks
AllowOverride None
Allow from all
Order Deny, Allow
</Directory>
<Directory "/var/www/icons">
Options Indexes Multiviews
AllowOverride None
Allow from all
Order allow, deny
</Directory>
<Directory "/var/www/cgi-bin">
Options ExecCGI
AllowOverride None
Allow from all
Order allow, deny
</Directory>
<Directory "path/cgi-bin">
AllowOverride None
Order allow, deny
Allow from all
</Directory>
Then
<VirtualHost :443>
<Directory "/path/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
I found another
#Directories...
<Directory "/">
Options FollowSysLinks
AllowOverride None
</Directory>
<Directory "/var/www/html">
Options Indexes Includes FollowSymLinks
AllowOverride None
Allow from all
Order Deny, Allow
</Directory>
<Directory "/var/www/icons">
Options Indexes Multiviews
AllowOverride None
Allow from all
Order allow, deny
</Directory>
<Directory "/var/www/cgi-bin">
Options ExecCGI
AllowOverride None
Allow from all
Order allow, deny
</Directory>
ASKER
If I want to eliminate directory browsing to all folders after "var/www/whatever/" Do I need to create a directory entry for every folder name that goes after "var/www/whatever/folderna me/"????
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.