超哥 Apache httpd 目录列表禁用配置(options indexes)
文章目录
[隐藏]
- 一、缺省情况目录列表可查看示例
- 二、关闭options 中Indexes(关闭文件列表)
- 三、关闭FollowSymLinks(关闭访问符号链接文件)
Apache httpd服务器在缺省的情况下,开启了基于目录列表的访问,这是一个存在安全隐患的问题,因此可以关闭这个功能。在Apache 2.4的版本中,不在支持使用-indexes来配置,需要注释该功能。本文对此给出演示,供大家参考。
一、缺省情况目录列表可查看示例
当前环境
[root@centos7-web ~]# more /etc/redhat-release CentOS Linux release 7.2.1511 (Core) [root@centos7-web ~]# apachectl -v Server version: Apache/2.4.6 (CentOS) Server built: Nov 19 2015 21:43:13 为站点添加index.html页面
# echo "This is a apache test index page" > /var/www/html/index.html [root@centos7-web ~]# curl http://localhost This is a apache test index page 移除index.html
[root@centos7-web ~]# mv /var/www/html/index.html /var/www/html/index.tmp 依旧可以访问,不过此时为apache的缺省欢迎页面
移除apache欢迎页面
[root@centos7-web ~]# mv /etc/httpd/conf.d/welcome.conf /etc/httpd/conf.d/welcome.conf.bk [root@centos7-web ~]# cp /usr/share/backgrounds/* /var/www/html/. 
[root@centos7-web ~]# grep -Ev "^$|^#|*#" /etc/httpd/conf/httpd.conf >/etc/httpd/conf/httpd.conf.tmp [root@centos7-web ~]# cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.1106 [root@centos7-web ~]# mv /etc/httpd/conf/httpd.conf.tmp /etc/httpd/conf/httpd.conf mv: overwrite ‘/etc/httpd/conf/httpd.conf’? yes 二、关闭options 中Indexes(关闭文件列表)
[root@centos7-web ~]# vim /etc/httpd/conf/httpd.conf [root@centos7-web ~]# grep "Indexes" -B1 -A3 /etc/httpd/conf/httpd.conf 查看修改后的结果 <Directory "/var/www/html"> # Options Indexes FollowSymLinks ##注释该行 AllowOverride None Require all granted </Directory> [root@centos7-web ~]# systemctl reload httpd [root@centos7-web ~]# curl http://localhost <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h4>Forbidden</h4> >You don't have permission to access / on this server.> </body></html> 三、关闭FollowSymLinks(关闭访问符号链接文件)
[root@centos7-web ~]# ln -sv /etc/redhat-release /var/www/html/redhat-release.html ‘/var/www/html/redhat-release.html’ -> ‘/etc/redhat-release’ [root@centos7-web ~]# ls -hltr /var/www/html/redhat-release.html lrwxrwxrwx 1 root root 19 Sep 21 16:15 /var/www/html/redhat-release.html -> /etc/redhat-release [root@centos7-web ~]# curl http://localhost/redhat-release.html CentOS Linux release 7.2.1511 (Core) [root@centos7-web ~]# vim /etc/httpd/conf/httpd.conf Options None ##改成Options None [root@centos7-web ~]# systemctl reload httpd [root@centos7-web ~]# curl http://localhost/redhat-release.html <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> ##Author : Leshami <h4>Forbidden</h4> ## Blog : http://blog.csdn.net/leshami >You don't have permission to access /redhat-release.html on this server.> </body></html> 原文出处:csdn -> http://blog.csdn.net/leshami/article/details/78461590
本站所发布的一切资源仅限用于学习和研究目的;不得将上述内容用于商业或者非法用途,否则,一切后果请用户自负。本站信息来自网络,版权争议与本站无关。您必须在下载后的24个小时之内,从您的电脑中彻底删除上述内容。如果您喜欢该程序,请支持正版软件,购买注册,得到更好的正版服务。如果侵犯你的利益,请发送邮箱到 [email protected],我们会很快的为您处理。
