Home > Developer > Web Develop

Disable access to the Apache directory (2011-01-23-14:53:14)

Source: Internet
Author: User
Tags php website
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

in the development of PHP Web site, based on the security of Web server and PHP website program code, we need to control the relevant directory or file access permissions to prevent the occurrence of unexpected situations, then how do we implement this function? We can use Apache to disable Directory access (no list of directories or files listed), disable or allow IP and domain names to access the directory. Configuring prohibit Directory Access in Apache, which is a way to disable the list of directories/files listed

When accessing the Site directory, Apache is configured to list directories/files by default, that is, when you access http://localhost, a list of related directories and files is listed, and we can modify the Apache configuration file httpd.conf to implement a list of prohibited directories/files. Here's how:

1. Open Apache configuration file httpd.conf

2. Find

<directory/>

Options Indexes

AllowOverride None
Order Allow,deny
Allow from all
</Directory>

Just modify the options Indexes to the options none, note: Depending on the PHP operating environment installation package, options Indexes may also be options Indexes FollowSymLinks, change to options none.

Also note: If you re-set the DocumentRoot, for example: the change of place is different.

<directory "D:/apache2/webpage" >

#
# Possible values for the Options directive is "None", "all",
# or any combination of:
# Indexes includes followsymlinks symlinksifownermatch execcgi multiviews
#
# Note that "MultiViews" must is named *explicitly*---"Options all"
# doesn ' t give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.0/mod/core.html#options
# for more information.
#
 # Options Indexes followsymlinks
 OptionsFollowSymLinks

The role of #Indexes is to display the directory structure when there are no index.html files in the directory, and to remove Indexes,apache the list of directories is not displayed.


# allowoverride controls what directives could be placed In. htaccess files.
# It can be is "all", "None", or any combination of the keywords:
#         allowoverride None

#
# Controls who can get stuff from the this server.
#
Order Allow,deny
allow from all

</Directory>

3, save httpd.conf, and restart Apache can, at this time to visit http://localhost, reported Apache HTTP 403 Forbidden Access error message

Forbidden

You don't have permission to access/on the this server.

Another method is to specify the Web directory under:http://jwc.jxatei.net:8080/ "index.html,  index.php "also resolves access to directory issues, but does not address the underlying problem.

At this point, by configuring the Apache server, we can implement a ban on Directory access (listing directories or file lists), which is an essential way to improve and optimize the security of your Web server.


Disable access to the Apache directory (2011-01-23-14:53:14)

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
apache cannot access directory add directory to apache how to access apache apache disable cgi apache disable multiviews ubuntu apache disable site how to read apache access log

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More