Thursday, May 6, 2010

Hidden Apache directory listing

If you are on an RPM installation of Apache (which i dont really recommend) you will find the apache configuration file probably here:


If you are using apache from the source tar balls ( like real men ) probably you will find the configuration file here:


Using an editor like vi , edit the httpd.conf file and scroll until you find a line like this:

Options All Indexes FollowSymLinks MultiViews

To disable directory browsing carefully remove the line that says: Indexes and leave the line like this:

Options All FollowSymLinks MultiViews

Restart your apache webserver and thats it


No comments:

Post a Comment