[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Apache configuration and security


I came across a potential security error whilst playing with the default install of Apach2 today.

If you goto http://domain or http://domain./ all is fine. Unfortunately, if you goto http://domain// or append any number of '/' to the uri, then you will be served with a directory listing instead of the index page.

I have fixed this localy by editiing /etc/apache2/sites-available/default . I have changed "RedirectMatch ^/$ /apache2-default/" to "RedirectMatch ^/*$ /apache2-default/"

I hope this is helpful, and apologise if I have sent this to the wrong address.


Keith Seldon

Reply to: