httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <>
Subject Re: [users@httpd] index/directories leave me vulnerable
Date Fri, 14 Oct 2005 00:15:06 GMT
On 10/13/05, paul johnson <> wrote:
> i have set up a simple guestbook php script. the index.php contains the
> admin password and this file is quite freely available if someone just went
> to the guestbook/  directory and downloaded  the file..
> is it possible to make it so people cant view directories/index's on my
> site. ive spent a good while looking for information relating to this but i
> cant find any.


But I think you have a deeper problem.  Why is guestbook.php
downloadable?  It should be processed by php so that the source code
should not be available for download.  Check you php config.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message