httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Montague <m...@catseye.org>
Subject Re: [users@httpd] Disabled directory listing, but I got 404 instead of 403
Date Wed, 16 Nov 2011 19:16:23 GMT
On November 16, 2011 14:02 , Torok Peter <netmano88@gmail.com> wrote:
> I tried to turn off, but when mod_dir is not loaded, I got a 404 error 
> for an url www.somesite.com/dirsite <http://www.somesite.com/dirsite> 
> where /dirsite/index.php does exist.

This is expected:  mod_dir, via the DirectoryIndex directive, is what 
looks for the "index.php" resource when the user requests directories. 
If you need this functionality, then you have to keep mod_dir enabled.  
If you have mod_dir enabled, then if a user requests a directory, and 
autoindexing is turned off, then mod_dir will look for an index file, 
and the correct response when the index file is not found is "404 Not 
Found", not "403 Forbidden".

If you really need these requests to result in a 403, you could try 
using mod_rewrite: "if the directory exists, and no index file exists, 
return '403 Forbidden'".  (Note that I have not tested this, I don't 
know if it will work)

RewriteCond %{REQUEST_FILENAME} -d
RewriteCond %{REQUEST_FILENAME/index.php !-f
RewriteRule ^. - [F]


--
   Mark Montague
   mark@catseye.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message