Search This Blog

Tuesday, February 28, 2012

How to disable directory browsing , APACHE

How to disable directory browsing , APACHE:

One of the "must do's" on setting a secure apache webserver environment is to disable directory browsing. As a default Apache will be compiled with this option enabled, but its always a good idea to get rid of this setting unless its really necessary. If you have some basic knowledge of vi editor follow this steps

If you are on an RPM installation of Apache (which i dont really recommend) you will find the apache configuration file probably here:

/etc/httpd/conf/httpd.conf

If you are using apache from the source tar balls ( like real men ) probably you will find the configuration file here:

/usr/local/apache/conf/httpd.conf

Using an editor like vi , edit the httpd.conf file and scroll until you find a line like this:

Options All Indexes FollowSymLinks MultiViews

To disable directory browsing carefully remove the line that says: Indexes and leave the line like this:

Options All FollowSymLinks MultiViews

Restart your apache webserver and thats it

No comments:

Post a Comment