Apache2: Prevent Directory Listing
Greetings,
I am using Ubuntu 5.10 (Breezy Badger). I would like to know how to prevent directory listings in Apache2 on Ubuntu. For example, I am able to view the contents of a folder called "test" that I created inside /var/www. I don't want visitors to be able to view the contents of directories. Thank you for your time, Nick |
Have a look in your httpd.conf file. There will be an Options directive in the Directory section that has the Indexes option set. If there are other options that you want to keep, just remove Indexes. For example, the following displays indexes (I've removed the other lines):
Code:
<Directory "/var/www/html"> Code:
<Directory "/var/www/html"> |
You might try placing the following in your httpd.conf file
<Directory /var/www/test> Options -Indexes </Directory> Also I believe if you create an index.html file in the test directory this would also stop the viewing of the folder contents. Brian |
Quote:
Have an index.html file with nothing in it except the most basic HTML: Code:
<html><body></body></html> Code:
<html><body><H1>GOTCHA!!!!!</h1><br><br><H2>You know you shouldn't try to view the raw images like this... Tisk, tisk tisk...</h2></body></html> Peace... |
Or you can make the directory not readable by the Apache user; then it will certainly not display a listing. This is probably the simplest option. I do this for all of my webspaces, whether or not I use an index page.
|
I routinely put an index.html file in every directory. I do this because if I am hosted on someone else's server then I don't want to have to deal with how they may have configured their Apache, and on my own servers it makes it easier for me to tell directly when I do a directory listing - and it is one less thing I have to deal with when I move the site to another server.
My index.html file is always a redirect, taking the visitor to where I want them to start. You also could put a DirectoryIndex directive into .htaccess |
Thanks to everyone who replied.
I first started using Apache on Fedora Core 4 and was used to having all the config settings in httpd.conf. Now that I'm using Ubuntu 5.10 (Breezy Badger), I've noticed the Apache settings are handled a bit differently. There's an apache2.conf file, httpd.conf file, and ports.conf file. In order to prevent listing the contents of /var/www/testdir (using the indexes method), I had to edit the httpd.conf file, as shown below: Code:
# This is here for backwards compatability reasons and to support Another option to prevent listing the contents of /var/www/testdir (using the indexes method), was to edit /etc/apache2/sites-available/default. Here are the contents of that file: Code:
NameVirtualHost * Code:
<Directory /var/www/> Thanks a lot, *Nick* |
You are using Apache2 in Ubuntu and, I presume, you were using Apache 1.3 in FC4.
Apache2 makes a lot of changes. I suggest you visit apache.org to learn about it. |
Quote:
Peace... |
Quote:
|
Apache2: Prevent Directory Listing
Quote:
|
All times are GMT -5. The time now is 06:56 PM. |