Portal Home > Knowledgebase > Articles Database > How to stop people from browsing directories?
How to stop people from browsing directories?
| Posted by vB-WP-Admin, 10-10-2008, 11:22 AM |
| Is there a configuration setting in Apache 2.x (linux) to make the directories unbrowseable through http? Currently if a directory doesn't have the index file, people can see the directory content by typing in its address and I want to stop that.
|
| Posted by ThatScriptGuy, 10-10-2008, 11:24 AM |
|
|
| Posted by vB-WP-Admin, 10-10-2008, 11:29 AM |
| Isn't it for .htaccess or does it work in httpd.conf as well?
|
| Posted by Sh3khar, 10-10-2008, 11:38 AM |
| If you wish to deny directory listing for all the accounts on your server, insert the below code in your Apache configuration file and restart apache.
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
assuming you have all the website under /home directory.
To disable directory listing for an account, you need to insert the below code in the .htaccess file of that specific account.
Options -Indexes
Regards.
|
| Posted by vB-WP-Admin, 10-10-2008, 12:57 PM |
| Thanks Sh3khar
|
| Posted by david510, 10-10-2008, 02:40 PM |
| To achieve this globally, Edit the file /etc/httpd/conf/access.conf and remove the word "Indexes", save it and restart apache.
|
| Posted by Tim Greer, 10-10-2008, 06:01 PM |
| Also, remember that if you have directories set to chmod 0711, instead of 0755 (or higher), everything will work normally, but permissions to list files will be denied. There's really no reason to use another permission for web directories by default, unless you want people to view the files within it (in which case you can allow world access to list files). Denying listing in Apache or an .htaccess file is a good method as well.
|
| Posted by ThatScriptGuy, 10-10-2008, 06:04 PM |
| That's nifty Tim. I wasn't aware that you could do that, although it does make sense.
|
Add to Favourites 
Print this Article
Also Read
