[SOLVED] Apache2 question - How to disable file browsing using IP address
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Apache2 question - How to disable file browsing using IP address
Hello forum,
Whenever I type in my IP address or local domain name in my browser (http://myipaddress), my entire directory tree shows up in the browser. Normally I would not mind this behavior but I am networking my main computer through a router and if anybody within the range of the router types in my IP address in their browser (using their computer), I think they too will be able to access every file on my computer. How do I disable this?
I am running Linux Mint 9 (based on Ubuntu Lucid) and Apache2. I would rather just be limited to using Nautilus to connect to the HTTP server using a password.
*every* file?? if that's the case then you're doing something far more wrong than enabling indexing. In order to answer your actual question, you would ensure that the Options directives do not include "Indexes" and that would cover it. However based on what you're saying is happening, doing that is really a trivial thing compared to the other huge security issues you are already exposing yourself to. the *entire* filesystem?? How??
I really did not understand the basics when I configured Apache2 but I got help from Googling the Internet. But honestly, I do not know how I managed to accomplish this behavior but the entire directory tree, including mounted drives in /media, shows up in the browser by typing http://myipaddress .
I might just disable Apache2 and stick with ssh or sftp.
if you aren't serving a website, then you should not use a web server, regardless of simplity etc. ssh / sftp / sshfs is a great way to achieve remoted file access, and i'd certainly recommend that over a webserver.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
