1. 技术文章
  2. Restrict access to directories through ip address

Restrict access to directories through ip address

狂风中的少年 提交于 2020-03-26 07:06:57

问题


I have a webserver with apache, say ip is 12.345.678.90. In my www directory there are a few sites, say, site1 and site2. Both belong to the same ip address - I created virtual hosts. Websites are on cakephp framework and there are a lots of directories, for example, app, app/tmp, lib, lib/Cake etc. When accessing the website like http://site1.com or http://site2.com everything is all right, and no way these directories can be viewed or accessed, but through ip I can see everything. 

http://12.345.678.90/
http://12.345.678.90/site1/lib
http://12.345.678.90/site1/app
http://12.345.678.90/site1/app/tmp

etc - all this directories with containing files for each site are visible. So, how I can prevent any kind of access through ip address ? Actually when opening just the ip http://12.345.678.90 it just shows nothing, as I had created empty index.html file, but I cant do that for all the folders,(or create htaccess for each directory). Can this be handled through single htaccess, or maybe better, by apache config, or by some other way ?

Thanks


回答1:


Try this

To disable Directory Listing

In your Apache configuration file (httpd.conf) file locate the directory section eg: /var/www/html 

<Directory "/var/www/html">
   Options Indexes FollowSymLinks
   AllowOverride None
   Order allow,deny 
   Allow from all
</Directory>

Remove the word Indexes or change Indexes to -Indexes

Then restart your Apache server service httpd restart

To Restrict Access: Directory Level

You can restrict access to certain directories by adding the following

<Directory "/var/www/html/site1/mydirectory">
   Order allow,deny
   Deny from all
</Directory>

By adding the above configuration to apache conf file the mydirectory will be blocked/restricted from access.

To Restrict Access: File Level

If you want to restrict a certain file in a directory. Add -

<Directory "/var/www/html/site1/mydirectory">
  Order allow,deny
  Allow from all
    <Files myfile.php>
        Order allow,deny
    </Files>
</Directory>

To prevent access of all files by IP Address

 <Files ~ ".+">
  Order allow,deny
  Deny from all
</Files>



回答2:


this should work(add it to you main .htaccess file) 

Options All -Indexes

this wont't allow other to see the files in your folder



来源:https://stackoverflow.com/questions/23508623/restrict-access-to-directories-through-ip-address

标签
php
apache
.htaccess
webserver
apache2.2
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!