Apache Cookbook: Solutions and Examples for Apache Administrators
Problem
You want to make sure that files outside of your web directory are not accessible.
Solution
For Unixish systems:

    <Directory />
        Order deny,allow
        Deny from all
        AllowOverride None
        Options None
    </Directory>

For Windows systems:

    <Directory C:/>
        Order deny,allow
        Deny from all
        AllowOverride None
        Options None
    </Directory>

Repeat for each drive letter on the system.
Discussion
A good security technique is to deny access to everything, and then selectively permit access where it is needed. By placing a Deny from all directive on the entire filesystem, you ensure that files cannot be loaded from any part of your filesystem unless you explicitly permit it, using an Allow from all directive applied to some other <Directory> section in your configuration. If you wanted to create an Alias to some other section of your filesystem, you would need to explicitly permit this with the following:

    Alias /example /var/example
    <Directory /var/example>
        Order allow,deny
        Allow from all
    </Directory>
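One way to check a configuration against this recipe, as an added example that is not from the book: the script reports filesystem roots that lack the default deny, the directories explicitly opened, and Alias targets that no opened <Directory> covers. The sample configuration, the /srv/backup alias and the function names are constructed for illustration; the script assumes a single file with literal <Directory> sections in the Order/Deny/Allow syntax shown above and does not follow Include or <DirectoryMatch>.

```python
import re

# Constructed sample configuration for illustration (not taken from a real server).
SAMPLE_CONF = """\
<Directory />
    Order deny,allow
    Deny from all
    AllowOverride None
    Options None
</Directory>

Alias /example /var/example
<Directory /var/example>
    Order allow,deny
    Allow from all
</Directory>

Alias /backup /srv/backup
"""

SECTION = re.compile(r'<Directory\s+"?([^">]+?)"?\s*>(.*?)</Directory>', re.I | re.S)
ALIAS = re.compile(r'^\s*Alias\s+\S+\s+"?([^"\s]+)"?', re.I | re.M)

def directory_sections(conf):
    """Map each <Directory> path to its directives, lowercased and whitespace-normalised."""
    sections = {}
    for path, body in SECTION.findall(conf):
        lines = (" ".join(line.split()).lower() for line in body.splitlines())
        sections.setdefault(path, []).extend(l for l in lines if l and not l.startswith("#"))
    return sections

def audit(conf, roots=("/",)):
    """Return (roots without 'Deny from all', paths opened with 'Allow from all',
    Alias targets that no opened <Directory> covers)."""
    sections = directory_sections(conf)
    unlocked = [r for r in roots if "deny from all" not in sections.get(r, [])]
    opened = sorted(p for p, d in sections.items() if "allow from all" in d)
    def covered(target):
        return any(target == p or target.startswith(p.rstrip("/") + "/") for p in opened)
    blocked_aliases = [t for t in ALIAS.findall(conf) if not covered(t)]
    return unlocked, opened, blocked_aliases

if __name__ == "__main__":
    unlocked, opened, blocked = audit(SAMPLE_CONF)
    print("roots missing the default deny:", unlocked)
    print("directories explicitly opened:", opened)
    print("alias targets still denied:", blocked)
```

On a Windows system, pass every drive letter as a root, for example audit(conf, roots=("C:/", "D:/")).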