How can we disable building of directory index in
httpd? One of the most important settings in Apache to secure Apache web server
is to disable directory browsing. To prevent the server from
showing a listing of the existing files in case there is no index in one
folder.
Usually Apache comes with this feature enabled but it’s
always a good idea to get it disabled unless you really need it.
First of all find where the main Apache's config file httpd.conf is located. If we are using RHEL7/Centos7, it should be located under /etc/httpd/conf/httpd.conf. Using Vim or Nano open this file and find the line that looks as follows:
Options Indexes
FollowSymLinks
|
Or
<Directory />
Options Indexes FollowSymLinks
AllowOverride None
</Directory>
|
Then remove word Indexes and save the file.
The line should look like this one:
Options
FollowSymLinks MultiViews
|
Or
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
|
After it is done, restart apache
(e.g. /etc/init.d/httpd restart).
[root@linuxcnf ~]#/etc/init.d/httpd
restart
|
That’s it!
No comments:
Post a Comment