Apache下实现禁止目录浏览
当我们访问某个网站时,在后面增加相应的目录,就可以浏览到目录,对于网站来说,是很不安全的。
解决办法:
1、编辑httpd.conf文件
vi ./conf/httpd.conf
找到如下内容:
……
<Directory “C:/Program Files/Apache2.2/htdocs”>
#
# Possible values for the Options directive are “None”, “All”,
# or any combination of:
Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that “MultiViews” must be named *explicitly* — “Options All”
# doesn’t give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be “All”, “None”, or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
……
在Options Indexes FollowSymLinks在Indexes前面加上 – 符号。
即: Options
-Indexes FollowSymLinks
【备注:在Indexes前,加 + 代表允许目录浏览;加 – 代表禁止目录浏览。】
这样的话就属于整个Apache禁止
