Wednesday, May 16, 2012

Disable Directory Listing

Mostly you observe this directory listing in many websites :

Ex:  www.demo.com/

like traversing direcotries trying www.demo.com/images/
there is a possibilty that an attacker tries to look for hidden directories and there is possibility
of finding possible web confg files too.

to disable this

In Apache:
---------------
goto file called httpd.conf

and search for:


 Options Indexes FollowSymLinks 


now just add ' - ' before indexes like :

Options -Indexes FollowSymLinks 



In IIS 7:
----------
Open IIS manager and go to the level or navigate to manage.
then in  "Feature view" .  Double-click " Directory browsing "

In  " Actions " pane click Disable if directory browsing is enabled.

2 comments:

Nice post keeps on posting this type of interesting and informative articles.
free masters samples

Pretty interesting post. Thanks for taking the time to share your view with us.

writemy-essay.net/contact-us

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More