I want to remove the file extension for some of my files using Alias in my Apache site config file, but i just can't get it to work.
Here is an example:
Alias "/alias" "/the/real/path"
I have also tried this:
Alias /alias /the/real/path
With both i have tried the full path and the relative path from the root directory.
Does any one know how to probaly use Alias to do this?
Be sure to set AllowOverride All in the Directory config.
Example:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
I have an .htacces file and I am trying to open up access to a file and folder within a protected folder.
The file is index.php so I do the following:
<Files index.php>
Order Allow,Deny
Allow from All
Satisfy Any
</Files>
This works and give me access to this file. This file requires assets from the assets/ directory. So I try to open that directory up by doing the following:
<Directory "/assets">
Order Allow,Deny
Allow from All
Satisfy Any
</Directory>
But this is giving me a 500 error. Not sure why.
You can't use the <Directory> container inside an htaccess file (which is essentially like the <Directory> container itself). If you want to allow access to assets, then create an htaccess file inassets with just:
Order Allow,Deny
Allow from All
I just installed XAMPP on my personal CentOS box and when I try to disable Directory Listing I get an Apache error when restarting. My httpd.conf file looks like this after I make the changes:
httpd.conf
Alias /bitnami/ "/opt/lampp/apache2/htdocs/"
Alias /bitnami "/opt/lampp/apache2/htdocs"
<Directory "/opt/lampp/apache2/htdocs">
Options -Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Error
XAMPP: Starting Apache...fail.
AH00526: Syntax error on line 5 of /opt/lampp/apache2/conf/httpd.conf:
Either all Options must start with + or -, or no Option may.
I have tried removing Indexes all together and I can still see my directories. Maybe I'm in the wrong file, but from what I've read disabling directory listing has to be made here or .htacces (which I am trying to avoid.) In case it comes up I have made sure to restart XAMPP every time I made changes.
The error message is pretty clear. To rephrase / show examples:
# relative to whatever lower precedence section applies
Options -Indexes
If your goal is to turn off indexes. If you want to make sure FollowSymlinks is also set, put a + in front of it:
# relative to whatever lower precedence section applies
Options -Indexes +FollowSymlinks
If you want to turn everything but FollowSymlinks off:
# not relative
Options FollowSymlinks
Please go to file: /opt/lampp/etc/httpd.conf
and either comment the line like this:
#Options Indexes FollowSymLinks Includes ExecCGI
or edit like this
Options -Index
For Windows machine: Do same editing in file /apache/conf/httpd.conf
I put a "+" in front of word "FollowSymlinks" to have success.
And replace this lines:
AllowOverride All
Order allow,deny
To:
Require all granted
I hope to help you!
You can also use:
sudo a2dismod autoindex
I'm using Apache 2.2x. Most of the content is generated via mod_perl. So, it's dynamic content that has no filesystem mapping. Perfect use of < Location >.
Apache config:
<Location /finance_module1>
SetHandler perl-script
PerlResponseHandler Finance::Module1
</Location>
<Location /finance/module2>
SetHandler perl-script
PerlResponseHandler Finance::Module2
</Location>
Module1 works, and is shown here to show that my setup otherwise works.
Module2 does not work. Apache says "File does not exist: /home/joe/www/htdocs/finance". The only difference between the module configurations is that Module2 location contains multiple slashes (what I'm calling a nested path).
About the "File does not exist" error: Of course it doesn't exist -- it's a Location, not a File or Directory. So why does this happen?
I would like to be able to use paths with multiple slashes because I've got a lot of mod_perl modules, and it would be nice to categorize for purposes of control. For one trivial instance, robots.txt could simply say:
Disallow: /finance/
The Apache docs specifically state that < Location > directives need not map to the filesystem, and are well-suited for dynamically generated content.
What am I doing wrong? Is there a workaround? (Besides the obvious "just don't do that").
Thanks.
Answering my own question, for the benefit of anyone else wondering the same thing.
Short answer, use LocationMatch.
In the example above, say the urls are /finance/module1 and /finance/module2. Having the "finance/" path allows all the finance handlers to be configured as a group, in situations where that's desirable.
For example:
<LocationMatch /finance/.*>
SetHandler perl-script
PerlAccessHandler foo
</LocationMatch>
<Location /finance/module1>
SetHandler perl-script
PerlResponseHandler Finance::Module1
</Location>
<Location /finance/module2>
SetHandler perl-script
PerlResponseHandler Finance::Module2
</Location>
Slight typo perhaps?
<Location /finance_module1>
vs.
<Location /finance/module2>
Not sure if that is the issue.
Perhaps this (add to httpd.conf)
Alias /finance "path-to-files"
<Directory "path-to-files">
Options +Indexes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Then try the script. You could also make an empty folder there perhaps?
I want to disable directory browsing of /galerias folder and all subdirectories
Index of /galerias/409
* Parent Directory
* i1269372986681.jpg
* i1269372986682.jpg
* i1269372988680.jpg
Create an .htaccess file containing the following line:
Options -Indexes
That is one option. Another option is editing your apache configuration file.
In order to do so, you first need to open it with the command:
vim /etc/httpd/conf/httpd.conf
Then find the line: Options Indexes FollowSymLinks
Change that line to: Options FollowSymLinks
Lastly save and exit the file, and restart apache server with this command:
sudo service httpd restart
(You have a guide with screenshots here.)
The best way to do this is disable it with webserver apache2. In my Ubuntu 14.X - open /etc/apache2/apache2.conf change from
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
to
<Directory /var/www/>
Options FollowSymLinks
AllowOverride None
Require all granted
</Directory>
then restart apache by:
sudo service apache2 reload
This will disable directory listing from all folder that apache2 serves.
Apart from the aformentioned two methods (edit /etc/apache2/apache2.conf or add Options -Indexes in .htaccess file), here is another one
a2dismod autoindex
Restart the apache2 server afterwards
sudo service apache2 restart
Edit/Create an .htaccess file inside /galerias with this:
Options -Indexes
Directory browsing is provided by the mod_autoindex module.
You can place an empty file called index.html into each directory that you don't want listed. This has several advantages:
It (usually) requires zero configuration on the server.
It will keep working, even if the server administrator decides to use "AllowOverride None" in the the server configuration. (If you use .htaccess files, this can lead to lots of "Error 500 - internal server error" messages for your users!).
It also allows you to move your files from one server to the next, again without having to mess with the apache configuration.
Theoretically, the autoindexing might be triggered by a different file (this is controlled by the DirectoryIndex option), but I have yet to encounter this in the real world.
One of the important thing is on setting a secure apache web server is to disable directory browsing. By default apache comes with this feature enabled but it is always a good idea to get it disabled unless you really need it.
Open httpd.conf file in apache folder and find the line that looks as follows:
Options Includes Indexes FollowSymLinks MultiViews
then remove word Indexes and save the file. Restart apache. That's it
If you choose to modify your httpd.conf file to solve this and you have multiple Options directives, then you must add a - or a + before each directive. Example:
Options -Indexes +FollowSymLinks
This is not an answer, just my experience:
On my Ubuntu 12.04 apache2, didn't find Indexes in either apache2.conf or httpd.conf, luckily I found it in sites-available/default. After removing it, now it doesn't see directory listing. May have to do it for sites-available/default-ssl.
To complete #GauravKachhadiya's answer :
IndexIgnore *.jpg
means "hide only .jpg extension files from indexing.
IndexIgnore directive uses wildcard expression to match against directories and files.
a star character , it matches any charactes in a string ,eg : foo or foo.extension, in the following example, we are going to turn off the directory listing, no files or dirs will appear in the index :
IndexIgnore *
Or if you want to hide spacific files , in the directory listing, then we can use
IndexIgnore *.php
*.php => matches a string that starts with any char and ends with .php
The example above hides all files that end with .php
Open Your .htaccess file and enter the following code in
Options -Indexes
Make sure you hit the ENTER key (or RETURN key if you use a Mac) after entering the "Options -Indexes" words so that the file ends with a blank line.
Add this in your .htaccess file:
Options -Indexes
If it is not work for any reason, try this within your .htaccess file:
IndexIgnore *
Try this in .htaccess:
IndexIgnore *.jpg
In Directory Section ( /etc/httpd/httpd.conf)
Remove Line - Options Indexes FollowSymLinks
New Line - Options FollowSymLinks
I found another way of doing this with virtual hosts:
<VirtualHost *:80>
DocumentRoot C:/WAMP/Apache24/htdocs/
ServerName vehiclesspares.com
<Directory C:/WAMP/Apache24/htdocs/vehiclesspares.com>
Options FollowSymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
This worked for me on Apache 2.4.54 on my local windows machine with the host file (C:\Windows\System32\drivers\etc\hosts) containing the line:
127.0.0.1 vehiclesspares.com
This configuration also had vehiclesspares.com under the docroot: C:\WAMP\Apache24\htdocs\vehiclesspares.com