|
|
Posted by Roy Schestowitz on 08/29/05 06:07
__/ On Monday 29 August 2005 03:51, [Noreen] wrote : \__
> Hello,
>
> I notice that on certain web servers (cpanel)
*NIX servers. cPanel is merely a front-end which simplifies management at
file-level.
> if anyone calls to a
> directory on your website, the browser will create a directory listing of
> all files in the folder - a bit of a security loophole.
No. It's exactly what is intended to happen. If you wish for this behaviour
to be stopped (e.g. you run a respectable business and have hidden pages),
then:
In cPanel 10 (maybe earlier too), find Index Manager down the bottom of the
table; click item to deny listing; click directory icon to go a level
deeper.
> Is there any way to reconfig this aside from placing a dummy index file in
> every folder on your site? (I believe these are mostly apache running
> cpanel).
I actually use dummy files too because it allows me to control how they
appear (or /behave/). I can self-tailor messages to suit different
directories. I also use visual (i.e. more informative) re-directions
sometimes, e.g.
<HTML>
<HEAD>
<link rel="stylesheet" href="/roy.css" type="text/css">
<META HTTP-EQUIV="Refresh" CONTENT="1;URL=/proj.htm">
<TITLE>Projects</TITLE>
</HEAD>
<BODY BGCOLOR=EEEEEE>
<H1>Redirection</H1>
You should shortly be redirected to the <B>Projects section</B>
<P>If this does not happen, <a href="/proj.htm">click here</a></P>
</BODY>
</HTML>
> thanks for any tips or comments.
>
> noreen w
Hope it helps,
Roy
--
Roy S. Schestowitz "Mod me up and I'll cherish you"
http://Schestowitz.com
Navigation:
[Reply to this message]
|