httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Kew <n...@webthing.com>
Subject Re: [users@httpd] Block Tomcat's directory listing vulnerability with Directory and regex
Date Tue, 19 Dec 2006 00:02:04 GMT
On Mon, 18 Dec 2006 18:26:06 -0500
"Leo Gil" <leonardobgil@gmail.com> wrote:

> Hi all,
> 
> I have been trying to block the Tomcat directory listing vulnerability
> using Apache's Directory with no success.

No chance.  <Directory> applies to local files, not anything
served by tomcat.  You want <LocationMatch>.


-- 
Nick Kew

Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message