[Sussex] An introduction and Apache
David Morris
dave at greenacre.no-ip.com
Wed Jun 15 22:54:32 UTC 2011
On 15/06/11 20:56, Will Earnshaw wrote:
> Hi Fay
>
> Thanks for the warm welcoming and such a quick response!
>
>> One of the "must do's" on setting a secure apache webserver
>> environment is to disable directory browsing. As a default Apache
>> will be compiled with this option enabled. Google: apache "disable
>> directory browsing"
I wouldn't of said that disabling directory browsing adds much security,
it just makes it a bit harder to find the contents of each directory,
and security through obscurity doesn't work. Also it's a default config
setting rather than been compiled in.
When you do change it, I suggest you disable it for the whole site, and
just enable it in the directories which you wish to have browsing enabled.
>
> Fantastic! I'd been googling that problem for ages, but I had no idea
> what it was called.
> More good fortune! The article I found also taught me how to write my
> own 404/403 pages, solving the other problem. Excellent!
>
> Now back to hacking my Java game...lucky me!
>
You doing this as an Applet or using JEE?
> Many thanks
>
> Will
>
>
> --
> Sussex mailing list
> Sussex at mailman.lug.org.uk
> E-mail Address: sussex at mailman.lug.org.uk
> Sussex LUG Website: http://www.sussex.lug.org.uk/
> https://mailman.lug.org.uk/mailman/listinfo/sussex
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.lug.org.uk/pipermail/sussex/attachments/20110615/793b3046/attachment.pgp>
More information about the Sussex
mailing list