Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: innorevtech on July 14, 2006, 06:37:15 PM

Title: webserver security/directory listing
Post by: innorevtech on July 14, 2006, 06:37:15 PM
Is there a way to configure the apache/sme webserver to NOT display the directory listings when accessing subfolders (i.e. http://www.mydomain.com/images/)? I would prefer that the forbidden, not accessible, etc. error messages appear instead of displaying all of the contents of the subfolders (IF that folder doesn't have an index.xxx file in it).

Any help would be appreciated.
I am currently running SME 7.0RC3, upgraded to 7.0 Final via Yum-Update.

Thanks!
Title: webserver security/directory listing
Post by: dsemuk on July 15, 2006, 01:26:59 AM
You should be getting "404 not found" or "401 unauthorised" errors, not directory listings.

Have you changed the server in any way?

Dave
Title: webserver security/directory listing
Post by: innorevtech on July 15, 2006, 11:09:30 PM
System is stock out of the box, except for no smtp-proxy, and mysql has been enabled. I do not get 404/401 when accessing a folder that has no .htm/.html/.php in it. Is there some config file in apache/sme I can check to make sure this is enabled?
Title: webserver security/directory listing
Post by: mmccarn on July 16, 2006, 01:43:03 AM
Quote from: "SME7FAQs"
The directory structure is visible. How do I disable indexes in ibays?
SME 6.0, 6.0.1, and 6.5 all had the following for the ibays/html directory - "Options Indexes Includes". This would indicate that indexes were allowed for html directories. In 7.0 we made this a parameter and defaulted it to enabled to be compatible with < 7.0 installations.

To disable indexes for an ibay in 7.0 do the following: (Be careful to use the exact capitalization)

db accounts setprop //ibayname// Indexes disabled
signal-event ibay-modify //ibayname//

Be sure to replace //ibayname// with your ibay name...

Read this and many more interesting tidbits in SME7FAQs (http://no.longer.valid/phpwiki/index.php/SME7FAQs)

(It took me a while to find it - even though I knew I'd seen it before!)
Title: webserver security/directory listing
Post by: innorevtech on July 16, 2006, 03:36:19 AM
Thanks so much! This solved my problems.
Title: webserver security/directory listing
Post by: remstrus on October 08, 2006, 10:02:19 PM
Hi

I ran the following commands (from this thread) to disallow directory listing (my SME7 fresh install allowed directory listings).

Quote
db accounts setprop //ibayname// Indexes disabled
signal-event ibay-modify //ibayname//


I replaced //ibayname// with the relevant ibay name.

The problem is my directories still allow their contents to be listed when www.somedomain/images is used.

Any thoughts would be appreciated ;)

Phil
Title: webserver security/directory listing
Post by: remstrus on October 09, 2006, 07:07:48 PM
Any thoughts??
Title: webserver security/directory listing
Post by: mmccarn on October 10, 2006, 03:58:52 PM
I am using "images" as the i-bay name below; be sure to use your own i-bay name...

Run:
db accounts show images

After running the commands outlined in the SME7FAQ you should get something like:
images=ibay
    CgiBin=enabled
    Gid=5010
    Group=shared
    Indexes=disabled
    Name=Images
    PasswordSet=no
    PublicAccess=global
    Uid=5010
    UserAccess=wr-admin-rd-group

Note that "Indexes" has an initial capital, and "disabled" is all lower case.

Looking at the code in /etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess40ibays:
Be sure you have run:
signal-event ibay-modify images

Then, if it still doesn't work, you can check the actual contents of httpd.conf using:
less -p"Directory /home/e-smith/files/ibays/images/html" /etc/httpd/conf/httpd.conf

You should get something like:
<Directory /home/e-smith/files/ibays/images/html>
    Options None
    Options +Includes
    AllowOverride None
    order deny,allow
    deny from all
    allow from all
</Directory>
(For Indexes to work, there should be a line underneath "Options None" saying "Options +Indexes". If you have correctly set "Indexes" to "disabled", this line will be absent as shown above.)

If everything described here looks OK:
Final installed (I think that the ability to set the "Indexes" Option in this manner was added near the end of the SME 7 release process), or
- do you have any contribs, scripts, or other packages installed that might have modified the settings in httpd.conf?
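
The httpd.conf check described in the last post can be scripted so that it gives a yes/no answer per i-bay. This is an added example, not code from the thread or from SME Server; the function names and the "docs" and "legacy" i-bays in the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example: report whether directory listings are on for an i-bay by
# reading that i-bay's <Directory> block in the generated httpd.conf.
# On a server: ibay_indexes_state /etc/httpd/conf/httpd.conf images

ibay_indexes_state() {   # $1 = path to httpd.conf, $2 = i-bay name
    awk -v dir="/home/e-smith/files/ibays/$2/html" '
        # Enter only the block whose path matches exactly.
        tolower($1) == "<directory" {
            p = $2; gsub(/[">]/, "", p)
            inblock = (p == dir); if (inblock) found = 1
            next
        }
        tolower($1) == "</directory>" { inblock = 0; next }
        inblock && tolower($1) == "options" {
            # A line with any unprefixed keyword replaces the earlier set.
            for (i = 2; i <= NF; i++) if ($i !~ /^[+-]/) { on = 0; break }
            for (i = 2; i <= NF; i++) {
                t = tolower($i)
                if (t == "indexes" || t == "+indexes" || t == "all") on = 1
                if (t == "-indexes" || t == "none") on = 0
            }
        }
        END {
            if (!found) print "missing"
            else if (on) print "enabled"
            else print "disabled"
        }
    ' "$1"
}

sample_conf() {   # constructed httpd.conf fragment, not taken from a real server
    cat <<'EOF'
<Directory /home/e-smith/files/ibays/images/html>
    Options None
    Options +Includes
</Directory>
<Directory /home/e-smith/files/ibays/docs/html>
    Options None
    Options +Indexes
</Directory>
<Directory /home/e-smith/files/ibays/legacy/html>
    Options Indexes Includes
</Directory>
EOF
}

conf=$(mktemp); sample_conf > "$conf"
for b in images docs legacy nosuch; do echo "$b: $(ibay_indexes_state "$conf" "$b")"; done
rm -f "$conf"
```

A result of "enabled" after Indexes has been set to disabled in the accounts db means the template has not been re-expanded or something else has modified httpd.conf.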