Tuesday, May 29, 2012

apache htacess directory listing

Apache allows to disable directory listing using htacess files.

By default in ubuntu apache document root directory is /var/www

you can edit configuration file located at /etc/apache2/sites-enabled/000-default

You have a folder called "private" in /var/www/private which contains some information. If your system is connected to internet and have public access anyone can get data from http://yourdomain.com/private !!

To disable directory listing try this:

create a file called .htaccess in /var/www/private
set your favourite editor
export EDITOR=vim

sudo $EDITOR .htaccess

Options -Indexes                #disable directory listing on current directory
or
Options All -Indexes          #disable directory listing recursively


No comments:

Post a Comment