日期:2014-05-16  浏览次数:20750 次

Apache下实现禁止目录浏览
   当我们访问某个网站时,在后面增加相应的目录,就可以浏览到目录,对于网站来说,是很不安全的。
   
    解决办法:
        1、编辑httpd.conf文件
            vi ./conf/httpd.conf

   找到如下内容:
          ......
          <Directory "C:/Program Files/Apache2.2/htdocs">
              #
              # Possible values for the Options directive are "None", "All",
              # or any combination of:
                 Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
              #
              # Note that "MultiViews" must be named *explicitly* --- "Options All"
              # doesn't give it to you.
              #
              # The Options directive is both complicated and important.  Please see
              # http://httpd.apache.org/docs/2.2/mod/core.html#options
              # for more information.
              #
              Options Indexes FollowSymLinks

              #
              # AllowOverride controls what directives may be placed in .htaccess files.
              # It can be "All", "None", or any combination of the keywords:
              #   Options FileInfo AuthConfig Limit
              #
              AllowOverride None

              #
              # Controls who can get stuff from this server.
              #
              Order allow,deny
              Allow from all

          </Directory>
          ......

   在Options Indexes FollowSymLinks在Indexes前面加上 -  符号。
        即: Options -Indexes FollowSymLinks
   【备注:在Indexes前,加 + 代表允许目录浏览;加 -  代表禁止目录浏览。】

    这样的话就属于整个Apache禁止