Apache和Tomcat限制文件访问或下载
Apache,在http.conf中的<Directory >里面加入
<FilesMatch "pattern"> Order Deny,Allow Deny from all </FilesMatch>
?
Tomcat,在web.xml里加入
<security-constraint> <display-name>HelloApp Configuration Security Constraint</display-name> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <!-- Define the context-relative URL(s) to be protected --> <url-pattern>/pattern</url-pattern> <!--可在这里设置要被限制的文件夹--> </web-resource-collection> <auth-constraint> <!-- Anyone with one of the listed roles may access this area --> </auth-constraint> </security-constraint>
?
