每天进步一点点:关闭网站的自动目录索引功能
cn·@oflyhigh·
0.000 HBD每天进步一点点:关闭网站的自动目录索引功能
之前的帖子聊了[如何修改Apache2默认网页(主页)](https://steemit.com/cn/@oflyhigh/ubuntu-apache2),其实除了遇到默认网页不能加载,我还遇到了一个严重的问题,那就是目录自动索引。
(图源 :[pixabay](https://pixabay.com/))
# 自动索引
什么是自动索引呢?简单来讲,就是当一个目录中没有默认网页时,访问这个目录会列出目录下所有内容。
示例:
>
在有些情况下,上述自动索引会让网站访问变得更加方便,比如我上传一堆文件,不用去做网页,网站自动帮我列举出来,直接点击即可访问。
可是这样会有一些安全隐患,比如我不小心上传了一些重要文件,原本不打算让人看到,但是因为自动索引,全曝光了。
# 方法一:添加`index.html`
那么这个问题要如何解决呢?最安全的方法是,***给每个目录下放一个`index.html`文件***。
这样当我们直接访问目录时,就会自动加载这个`index.html`文件了,目录下的其它内容自然不会曝光了。
# 方法二:修改站点配置
但是这样一个一个加`index.html`文件太累了,那么有没有简单的办法呢?
一个办法就是修改站点的Apache配置文件(如果有站点ssl配置文件,也记得修改),在其中添加`Options -Indexes`
```
<Directory /home/sitexxxx/www>
Options -Indexes
......
</Directory>
```
重启Apache后,再次访问,就会变成这个样子啦。
>
# 方法三:禁用Autoindex 模块
另外一种方法是彻底禁用[Autoindex 模块](http://httpd.apache.org/docs/current/mod/mod_autoindex.html),方法如下:
>`sudo a2dismod autoindex`
之后会出现如下提示:
>
大意是不应该这么做,如果你确定要这么干,请输入:***`Yes, do as I say!`***,完成后还需要重启Apache:
>`sudo systemctl restart apache2`
但是有趣的是,恢复之前的站点配置文件,再次测试访问,竟然提示:
>
# 方法四:使用.htaccess
另外还有一种方法是使用`.htaccess`文件,加入如下内容即可:
>`Options -Indexes`
# 补充说明
尽管上述几个方法都可以达成禁用自动索引的目的,但是需要注意的是`Options`指令在站点配置文件和`.htaccess`文件中使用,是有优先级的。
简单来讲***`.htaccess`的设置会覆盖站点配置文件的设置***,具体的就不深入分析啦。
另外,尽管有诸多手段,我们用一种就好啦,***我还是在站点配置文件中加入`Options -Indexes`吧***。
# 参考链接
* [Apache Module mod_autoindex](http://httpd.apache.org/docs/current/mod/mod_autoindex.html)
* [每天进步一点点:Ubuntu下修改Apache2默认网页(主页)](https://steemit.com/cn/@oflyhigh/ubuntu-apache2)
----
<center><strong>Vote For Me As Witness</strong>
https://steemit.com/~witnesses type in **`oflyhigh`** and click ***`VOTE`***
[](https://steemit.com/~witnesses)
[Vote @oflyhigh via Steemconnect](https://steemconnect.com/sign/account-witness-vote?witness=oflyhigh&approve=1)
<strong>Thank you!</strong></center>👍 cryptouno, eval, astros, liangfengyouren, bambugrove, money-way, blues-wclouds, igor1966, julian2013, archisteem, evelaurie, yalehazlitt, eltonwright, zorapolly, yettawild, bobarchibald, annasandy, sskiller, ew-and-patterns, auntigormint, ms8988, ikonik, lemminon, teresa.yaiyai, catwomanteresa, kimzwarch, itchyfeetdonica, archisteem-cn, pataty69, holmesian, enlighted, ab123, otom, teamcn-shop, ericetchen, xiaokongcom, newhope, exec, janiceting, xiaohui, ethansteem, laoyao, somebody, deanliu, alexis555, thecryptodrive, joythewanderer, davidke20, rosatravels, maiyude, hmayak, yulan, chinadaily, elizacheng, namchau, etherpunk, iipoh06, aellly, helene, gamemods, devilwsy, travelgirl, yyyy, midnightoil, wongshiying, andrewma, lingfei, oflyhigh, lalala, blackbunny, casberp, accelerator, robertoueti, flaviusbusck, aiyumi, hranhuk, mynotsofitlife, fabio.hranhuk, fabianehranhuk, duarte9sousa, naturald, tmarisco, fireguardian, eraizel, deividluchi, kryptonauta, rea, jamzmie, steemprotect, technologynepal, em3di, angelusc, astromaniac, voxmortis, maxuvv, epic4chris, hamsa.quality, theinspiration, deviedev, maxuva, wylo, maxuvb, maxuvc, maxuvd, maxuve, rycharde, map10k, mapxv, kymio, phatima, bukiland, tvb, yestermorrow, hyborian-strain, canbethisone, skenan, luxiony, camillagomes, ffcrossculture, rivalhw, cn-reader, cecilian, huatanzhang, aabb, mrliga, windowglass, tbtek, cryptohustler, partiko, bboyady, nascimentoab, cleateles, laissez-faire, abetterworld, raili, weavingwords, heyeshuang, winniex, sanzo, sweethoney, chenlocus, stakuza, fastiduos, rebecca80, ethanlee, silentlucidity53, freedom-fighter, khalilad, kingofdew, bearpaw, razor80, chann, coindzs, cryptoknight27, alijewel, lkvictor2005, raku, chaerin, khayziljoy, speeding, sherdzio, wenjiewu, dapeng, blockchainbilly, jkkim, bsusushba, suhunter, jianghao, teachblogger, agoha, fredo77200, haiyangdeperci, resteeming, austinsandersco, walkinharmony, davaowhenyo, frankintaiwan, that1consultant, allenshayzar, nitro.live, asterix87, ravenousappetite, btccurrency1, ebejammin, lancy, vfxness, historylover, fanso, jiangchen, jesse5th, slh84, emmyluluameh, geovaniiworld, goodcontentbot, celine-robichaud, k-bot, sasaadrian, doneliseo, goodcontentbot1, valuetainment, cnbuddy, tumutanzi, minloulou, cryptocurrencyhk, suman156, missaj, xiaoshancun, tezml, sweetsssj, alex2016, chinchilla, steemkingman, slientstorm, slowwalker, mavollme, gregoryhedrich, windenchanter, hqy, ace108, grzekry, adm, zytong, idx, abit,