Apache Removes directory browsing
Apache Open Directory browsing by default, which greatly reduces the security of our site, the following is to close the Browse directory:
To prevent Apache from displaying a list of directory structures, simply remove the Indexes in Option.
For example, let's look at the directory configuration of a directory:
<directory "D:/apa/blabla" >
OptionsIndexesFollowSymLinks #改为--Options followsymlinks
AllowOverride None
Order Allow,deny
Allow from all
</Directory>
You just need to remove the Indexes from the red code above to prevent Apache from displaying the directory structure. The user will not see a list of files and subdirectories under that directory.
The function of Indexes is that when there is no index.html file in the directory, the directory structure is displayed, and the list of the directory is not displayed if Indexes,apache is removed.
The second method of
Workaround:
1. Edit the httpd.conf file
VI./conf/httpd.conf
Find the following:
......
<directory "C:/Program Files/apache2.2/htdocs" >
#
# Possible values for the Options directive is "None", "all",
# or any combination of:
Indexes includes followsymlinks symlinksifownermatch execcgi multiviews
#
# Note that "MultiViews" must is named *explicitly*---"Options all"
# doesn ' t give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride Controls What directives is placed in. htaccess files.
# It can be ' all ', ' None ', or any combination of the keywords:
# Options FileInfo authconfig Limit
#
AllowOverride None
#
# Controls who can get stuff from the this server.
#
Order Allow,deny
Allow from all
</Directory>
......
In the options Indexes followsymlinks in front of the Indexes plus-symbol.
namely: Options-indexes followsymlinks
Note: Before indexes, add + represents allow directory browsing, plus-represents prohibit directory browsing. 】
This is the entire Apache Ban directory browsing.
If it is in a virtual host, just add the following information:
<directory "D:\test" >
Options-indexes FollowSymLinks
AllowOverride None
Order Deny,allow
Allow from all
</Directory>
In this case, directory browsing under test engineering is prohibited.
Note: Remember not to change "allow from all" to "Deny from all", otherwise the entire Web site can not be opened.
<Finished>
There is another way:
Can be entered in the. htaccess file of the root directory
<files *>
Options-indexes
</Files>
Copy Code
You can prevent Apache from listing the directory structure.
Apache Removes directory browsing