Apache Consolidation directory, file restrictions

If you use a similar Phpstudy integration platform, all the configurations you want to modify are basically set up on the Phpstudy.
But if your server is a step-by-step installation (Apache+php+mysql), then you have to have a certain understanding of the location of the function modification.

One, file type:

Target: http.conf

<files ~ ". bak$" >        Order allow,deny       deny from all </Files>

That is, restrict the file suffixes that can be accessed.

Or:

<filesmatch. (TXT) $>     Order allow,deny     deny from all</filesmatch>

Restrict access to the extended. txt.

　　

2. Directory Restrictions

Target: http.conf

<directory ~ "^/var/www/manage" >        Order Allow,deny
Allow 192.168.10.10      Deny from all</directory>

This works well on restricted sensitive catalogs. Under certain conditions, customers can be advised to use this method. Usually use the intranet designated machine maintenance background, the other is disabled.

　

3. Error or debug information

Target: php.ini

Display_errors = On
This function can be opened in the development environment. Easy to see code errors.
  It is recommended to turn off this feature in the production environment, otherwise it is easy to cause information disclosure (path, etc.)

　　

4. Directory traversal

Target: http.conf

DocumentRoot "D:\phpStudy\WWW"
<directory/>
Options +indexes +followsymlinks +execcgi
AllowOverride All
Order Allow,deny
Allow from all
Require all granted
</Directory>

Modified to: DocumentRoot "D:\phpStudy\WWW"
<directory/>
Options +indexes +followsymlinks +execcgi
AllowOverride All
Order Allow,deny
Allow from all
Require all granted
</Directory>

One of the key locations is:

Indexes

　　

Apache Consolidation directory, file restrictions