ໃຫ້ໄປເບິ່ງ config ໃນ httpd.conf ວ່າຖືກເອີ້ນໃຫ້ໃຊ້ງານໄດ້ຫລືບໍ່ ດ້ວຍການຊອກຫາ AccessFileName ວ່າມັນຊີ້ໄປຫາຟາຍ .htaccess ຫລືບໍ່
ຕົວຢ່າງ
[root@luc1f3r assholy]# grep -i AccessFileName /etc/httpd/conf/httpd.conf
# AccessFileName: The name of the file to look for in each directory
AccessFileName .htaccess
ຕໍ່ມາກໍ່ຊອກວ່າມັນຖືກເປີດໃຊ້ຈາກ apache ແລ້ວຫລືບໍ່ ຈາກ configure ຂອງ httpd.conf ຄືເກົ່າ
[root@luc1f3r assholy]# grep -i AllowOverride /etc/httpd/conf/httpd.conf
# AllowOverride controls what directives may be placed in .htaccess files.
AllowOverride None
ສັງເກດ AllowOverride ທາງເຖິງຈະເປັນ None ໃຫ້ປ່ຽນເປັນ all
ຫລັງຈາກປ່ຽນແລ້ວຢ່າລືມ restart apache
service httpd restart
ສ່ວນນີ້ຄືຕົວຢ່າງການຕັ່ງຄ່າ .htaccess
#ແບບໃຫ້ຖາມຫາ user&password
AuthUserFile /var/www/html/assholy/.htpasswd
AuthGroupFile /dev/null
AuthName "Password Protected Area"
AuthType Basic
#####ທາງລຸ່ມໃຫ້ເອົາ# ອອກ
<#limit get="" post="">
require valid-user
<#/limit>
ສັງເກດທາງເທິງມັນຈະໄປກວດກາ user pass ຢູ່ໃນ .htpasswd ເຮົາສາມາດສ້າງໄດ້ຈາກ shell ໃນ linux
htpasswd -c /PATHTOYOURDIRECTORY/.htpasswd myuser
New password:
Re-type new password:
Adding password for user myuser
ຫລືໃຜສັບສົນ ສາດມາດໃຊ້web generate ເອົາກໍ່ໄດ້
http://cooletips.de/htaccess/
http://www.webmaster-toolkit.com/htaccess-generator.shtml
#ແບບອະນຸຍາດຕາມ source IP
Order deny,allow
Deny from all
Allow from 192.168.0.0/24
Friday, March 9, 2012
Wednesday, March 7, 2012
How to disable directory browsing in apache/httpd
find the main apache’s config file
If you use Debian, it should be here:
Using file editor such as vim or nano open the file and find the line following:
remove "
dont forget to restart apache
httpd.conf is located.If you use Debian, it should be here:
/etc/apache/httpd.conf.Using file editor such as vim or nano open the file and find the line following:
Options Includes Indexes FollowSymLinks MultiViewsremove "
Indexes" will be like follows:Options Includes FollowSymLinks MultiViewsdont forget to restart apache
Subscribe to:
Posts (Atom)