2005-04-21

『Linux学习笔记』 防止Apache泄露WEB的秘密

Apache还是很好的WEB,但如果设置不当,也会造成WEB秘密被访问者下载,比如图标或软件,只要取消目录访问的索引文件就可以防止。编辑httpd.conf文件,
原文件为:

#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
Options Indexes FollowSymLinks MultiViews

只要把“Indexes ”删除,用户就不可能访问到目录文件了!

恍若如梦 发表于 2005-04-21 16:12:14 | 阅读 ()