如果网站根目录下有一个test的文件夹,里面有网页页面,如果test文件夹下没有系统定义的默认页面,当用户访问网站test目录的话,Apache会把test文件夹里的内容全列出来。这样是不安全的。
要禁止此功能,修改httpd.conf,找到下面这一句删除掉Indexes即可。
Options Indexes FollowSymLinks
配置示例:
<Directory “/usr/local/apache/htdocs”>
#
# Possible values for the Options directive are “None”, “All”,
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that “MultiViews” must be named *explicitly* — “Options All”
# doesn’t give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
#Options Indexes FollowSymLinks
Options FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be “All”, “None”, or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
原创文章,转载请注明。本文链接地址: https://www.rootop.org/pages/1239.html