httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hugh E Cruickshank" <h...@forsoft.com>
Subject [users@httpd] Directory hiding
Date Tue, 16 Sep 2008 01:44:04 GMT
Apache 2.0.46 on RHEL3.9

Hi All:

I am attempting to determine if there is a method of "hiding" the
subdirectories on our web server. I have spent the better part of
the day doing Google searches without coming up with anything that
would seem to work.

Right now if someone were to attempt to access these subdirectories
(i.e. http://www.example.com/cgi-bin) they would receive a 403
Forbidden error message. Unfortunately this is not quite acceptable
to the IBM Rational AppScan utility which recommends that a 404
Not found error should be issued.

I did find one suggestion. So I tried adding:

<DirectoryMatch cgi-bin>
   order allow,deny
   deny from all
</DirectoryMatch>

but this did not work and it would not allow our application to run
either.

Any suggestions would be greatly appreciated.

TIA

Regards, Hugh

-- 
Hugh E Cruickshank, Forward Software, www.forward-software.com 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message