本文主要是介绍Apache httpd 目录列表禁用配置(options indexes),希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
Apache httpd服务器在缺省的情况下,开启了基于目录列表的访问,这是一个存在安全隐患的问题,因此可以关闭这个功能。在Apache 2.4的版本中,不在支持使用-indexes来配置,需要注释该功能。本文对此给出演示,供大家参考。
一、缺省情况目录列表可查看示例
当前环境
[root@centos7-web ~]# more /etc/redhat-release
CentOS Linux release 7.2.1511 (Core) [root@centos7-web ~]# apachectl -v
Server version: Apache/2.4.6 (CentOS)
Server built: Nov 19 2015 21:43:13为站点添加index.html页面
# echo "This is a apache test index page" > /var/www/html/index.html
[root@centos7-web ~]# curl http://localhost
This is a apache test index page移除index.html
[root@centos7-web ~]# mv /var/www/html/index.html /var/www/html/index.tmp
依旧可以访问,不过此时为apache的缺省欢迎页面
移除apache欢迎页面
[root@centos7-web ~]# mv /etc/httpd/conf.d/welcome.conf /etc/httpd/conf.d/welcome.conf.bk
[root@centos7-web ~]# cp /usr/share/backgrounds/* /var/www/html/.
[root@centos7-web ~]# grep -Ev "^$|^#|*#" /etc/httpd/conf/httpd.conf >/etc/httpd/conf/httpd.conf.tmp
[root@centos7-web ~]# cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.1106
[root@centos7-web ~]# mv /etc/httpd/conf/httpd.conf.tmp /etc/httpd/conf/httpd.conf
mv: overwrite ‘/etc/httpd/conf/httpd.conf’? yes
二、关闭options 中Indexes(关闭文件列表)
[root@centos7-web ~]# vim /etc/httpd/conf/httpd.conf [root@centos7-web ~]# grep "Indexes" -B1 -A3 /etc/httpd/conf/httpd.conf 查看修改后的结果
<Directory "/var/www/html">
# Options Indexes FollowSymLinks ##注释该行AllowOverride NoneRequire all granted
</Directory>[root@centos7-web ~]# systemctl reload httpd
[root@centos7-web ~]# curl http://localhost
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /
on this server.</p>
</body></html>
三、关闭FollowSymLinks(关闭访问符号链接文件)
[root@centos7-web ~]# ln -sv /etc/redhat-release /var/www/html/redhat-release.html
‘/var/www/html/redhat-release.html’ -> ‘/etc/redhat-release’
[root@centos7-web ~]# ls -hltr /var/www/html/redhat-release.html
lrwxrwxrwx 1 root root 19 Sep 21 16:15 /var/www/html/redhat-release.html -> /etc/redhat-release[root@centos7-web ~]# curl http://localhost/redhat-release.html
CentOS Linux release 7.2.1511 (Core) [root@centos7-web ~]# vim /etc/httpd/conf/httpd.conf
Options None ##改成Options None
[root@centos7-web ~]# systemctl reload httpd [root@centos7-web ~]# curl http://localhost/redhat-release.html
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body> ##Author : Leshami
<h1>Forbidden</h1> ## Blog : http://blog.csdn.net/leshami
<p>You don't have permission to access /redhat-release.html
on this server.</p>
</body></html>
这篇关于Apache httpd 目录列表禁用配置(options indexes)的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!