Visit Our UNIX and Linux User Community


Restricting directory access in Apache server


 
Thread Tools Search this Thread
Operating Systems Linux Restricting directory access in Apache server
# 1  
Old 06-04-2013
Ubuntu Restricting directory access in Apache server

Hi all,

I have a web site that I'm serving on an Apache server, and it has a number of different folders, but I only want the user to be able to access certain ones -- the majority of them I don't want the user to access. I tried modifying my /etc/apache2/conf.d/security file to do this, but I can't figure out why it's not working.

And before anyone asks, yes, I did restart apache, both with apachectl restart and service apache2 restart. Smilie

Anyway, my security file looks like this:

Code:
# Root directory
<Directory /var/www>
       AllowOverride None
       Order Deny,Allow
       Deny from all
</Directory>

# Directory I want the user to access
<Directory /var/www/mysite>
       AllowOverride None
       Order Allow,Deny
       Allow from all
</Directory>

# Other directories for the user to access down here

This seems like it should work, based on a lot of Googling, but I'm still getting access to all my folders from the browser, and access to folder indexes, which I don't want in any folder, regardless of whether it can be seen in the browser.

Can anyone point me in the right direction about what I'm doing wrong, please?

Thanks,
Zel2008
# 2  
Old 06-05-2013
You example does not turn off directory listings. You need to add

Code:
     Options -Indexes

within your <Directory>-Blocks.

Previous Thread | Next Thread
Test Your Knowledge in Computers #213
Difficulty: Medium
OSPF-TE is an extension to OSPF extending the expressivity to allow for traffic engineering and use on non-IP networks.
True or False?

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Problem with Restricting Directory in Apache

Hello, I want to restrict access to our Subversion repositories to only our internal network. I have a virtual host directive setup in Apache for the IP and port 443. When I put the following: <Directory "/var/www/svn/"> Order allow,deny AllowOverride None Allow from 10.5.10.0/24 Allow... (1 Reply)
Discussion started by: mojoman
1 Replies

2. UNIX for Dummies Questions & Answers

Problem with Restricting Directory in Apache

Hello, I want to restrict access to our Subversion repositories to only our internal network. I have a virtual host directive setup in Apache for the IP and port 443. When I put the following: <VirtualHost 205.147.86.33:443> <Directory "/var/www/svn/"> Order deny,allow AllowOverride... (0 Replies)
Discussion started by: mojoman
0 Replies

3. Solaris

Restricting FTP access for a particular directory

Dear All, I have created a user called "x" who is allowed only to FTP and it is working fine. Here my problem is, I want to give access to a particular directory say for eg:- /dump/test directory. I don't find any option in the useradd command to restrict access to this particular directory only... (1 Reply)
Discussion started by: Vijayakumarpc
1 Replies

4. UNIX for Advanced & Expert Users

Restricting access to code

Hi All, I am facing a problem, regarding code security on a server. We have configured a server which contains our code (ear present in jboss/server/xyz/deploy) in it, and need to bind the code to the server itself so that no one can take the code out of the. the problem is that the password of... (3 Replies)
Discussion started by: akshay61286
3 Replies

5. Linux

Apache Server how to set password for all access?

Hello all, I am new to Linux and am trying to set a password for access to Apache server access. I have both Apache and Tomcat installed in my server, Apache forwards the requests to our Tomcat server which servers the java application we have. The Java application is not configured to ask... (1 Reply)
Discussion started by: firefox211
1 Replies

6. Solaris

restricting access to a server

We want to secure access to a server by restricting the number of users who can login to it. Our users are NIS users. Only few of them can telnet/ssh this server. Do you have any idea on how to implement that? thanks. (1 Reply)
Discussion started by: melanie_pfefer
1 Replies

7. UNIX for Advanced & Expert Users

remote web server access (apache)

Hi, I have web server (apache) installed in server-1 and i want to view the web pages from diferent servers also while the web server is running only in one server ....(all the servers are connected to office LAN) right now all the servers have apache running......and CPU utilzation is at its... (2 Replies)
Discussion started by: aditya.ece1985
2 Replies

8. Solaris

restricting access

Hi All, I'm on Solaris 8, I need to provide Read-only access to a user to 2 directories only. Using rsh (restricted shell) as the user's login shell, I can restrict the user's access to a certain directory only, but how can I set in such a way that the user can access only the 2 directories... (4 Replies)
Discussion started by: max_min
4 Replies

9. UNIX for Dummies Questions & Answers

Restricting access

I need to create a user that only has access to 1 directory (e.g. /vol/mita/test). The user needs to be able to rsh into that directory to run a script. The user should not be able to navigate to any other directories above /vol/mita/test. Any help would be appreciated! (4 Replies)
Discussion started by: ngagne
4 Replies

10. Cybersecurity

restricting access...

restricted access... Hi I need to restrict users shell access to only $HOME under /home for each user. I don't want them getting out of their own directories. From what I understand chroot is something I could use, but I want to avoid this since it involves creating symbolic links to a number... (9 Replies)
Discussion started by: alwayslearningunix
9 Replies

Featured Tech Videos