Disable access to the Apache directory (2011-01-23-14:53:14)

Source: Internet
Author: User
Tags php website

in the development of PHP Web site, based on the security of Web server and PHP website program code, we need to control the relevant directory or file access permissions to prevent the occurrence of unexpected situations, then how do we implement this function? We can use Apache to disable Directory access (no list of directories or files listed), disable or allow IP and domain names to access the directory. Configuring prohibit Directory Access in Apache, which is a way to disable the list of directories/files listed

When accessing the Site directory, Apache is configured to list directories/files by default, that is, when you access http://localhost, a list of related directories and files is listed, and we can modify the Apache configuration file httpd.conf to implement a list of prohibited directories/files. Here's how:

1. Open Apache configuration file httpd.conf

2. Find


<directory/>

Options Indexes

AllowOverride None
Order Allow,deny
Allow from all
</Directory>

Just modify the options Indexes to the options none, note: Depending on the PHP operating environment installation package, options Indexes may also be options Indexes FollowSymLinks, change to options none.

Also note: If you re-set the DocumentRoot, for example: the change of place is different.

<directory "D:/apache2/webpage" >

#
# Possible values for the Options directive is "None", "all",
# or any combination of:
# Indexes includes followsymlinks symlinksifownermatch execcgi multiviews
#
# Note that "MultiViews" must is named *explicitly*---"Options all"
# doesn ' t give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.0/mod/core.html#options
# for more information.
#
 # Options Indexes followsymlinks
 OptionsFollowSymLinks

The role of #Indexes is to display the directory structure when there are no index.html files in the directory, and to remove Indexes,apache the list of directories is not displayed.


# allowoverride controls what directives could be placed In. htaccess files.
# It can be is "all", "None", or any combination of the keywords:
#         allowoverride None

#
# Controls who can get stuff from the this server.
#
Order Allow,deny
allow from all

</Directory>

3, save httpd.conf, and restart Apache can, at this time to visit http://localhost, reported Apache HTTP 403 Forbidden Access error message

Forbidden

You don't have permission to access/on the this server.

Another method is to specify the Web directory under:http://jwc.jxatei.net:8080/ "index.html,  index.php "also resolves access to directory issues, but does not address the underlying problem.

At this point, by configuring the Apache server, we can implement a ban on Directory access (listing directories or file lists), which is an essential way to improve and optimize the security of your Web server.


Disable access to the Apache directory (2011-01-23-14:53:14)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.