[Sussex] An introduction and Apache

Steve Dobson steve at dobbo.org
Thu Jun 16 10:54:48 UTC 2011 

Hi again Will

On 15/06/11 20:35, Fay Zee wrote:
> Hi Will,
> 
> Welcome to the list!
> 
> On 15 June 2011 20:08, Will Earnshaw  wrote:
>> Hey everyone!
>>
>>     I'm Will. I run an Ubuntu Server 10.04 box remotely 
> 
> Nice to get the background.
> 
>> I've recently installed Apache web server and managed to get it to
> run
>> several websites that I own. However, I've noticed that when you
> type a
>> directory into the url bar (i.e. www.example.co.uk/main/) it shows
> an FTP
>> like read out of the files within that directory, including the
> behind the
>> scenes php scripts. Is it possible to stop it doing this?
> 
> One of the "must do's" on setting a secure apache webserver
> environment is to disable directory browsing. As a default Apache will
> be compiled with this option enabled. Google: apache "disable
> directory browsing"

Fay is right in that it is best to disable this feature, but there is a
simpler way to stop that happening.

Debian's (and I assume Ubuntu) Apache package comes with the "dir" module.

If you look at the contents of the "dir" module configuration file:

	$ cat /etc/apache2/mods-available/dir.conf

You should see the "DirectoryIndex" command that specify the files to
use (in priority order I believe) if the URL request doesn't contain a
file name (which www.example.co.uk/main/ does not as "main" is a
directory).  Hopefully Ubuntu includes the file "index.php" in that
list.  If is doesn't you will need to add it (or whatever name you wish
to used by default).

Now if you have a file called "index.php" any of your web server
directories then it will be served up by default.  To enable the "dir"
module the following commend should be used:

	$ sudo a2enmod dir

Any change to the modules enabled/disabled requires a "restarting" of
the Apache server:

	$ sudo /etc/init.d/apache2 restart

If you're just modifying the configuration file then a reload is all
that is needed:

	$ sudo /etc/init.d/apache2 reload

Hope this helps
Steve

-- 
Steve "Dobbo" Dobson

More information about the Sussex mailing list