[pmwiki-users] farm security
Neil Herber
nospam at eton.ca
Wed Mar 16 13:19:49 CST 2005
At 2005-03-16 07:02 PM +0000, Hans is rumored to have said:
>Wednesday, March 16, 2005, 6:54:50 PM, Neil wrote:
>
> > I think you need to turn off Apache directory indexing in the farm
> > directory. On my setup, indexing is off by default and I have to turn it on
> > where desired. Seems like the safest way to me.
>
> > I also explicitly put pmwiki.php off limits in the farm directory, like so:
>
> > ### --- prevent execution of PmWiki in farm from anywhere -----
> > <Directory "filepathto/farm/pmwiki">
> > <Files pmwiki.php>
> > Order allow,deny
> > Deny from all
> > </Files>
> > </Directory>
>
>Hi Neil,
>
>The site is on a public server, I can't do anything to Apache.
>I can create .htacess files though.
>How do I turn off directory indexing?
The hard way is to read this:
http://httpd.apache.org/docs-2.0/mod/core.html#options
I don't use directory-level .htaccess files, but I think you need to put
this in .htaccess for the directory:
<Directory /????>
Options -Indexes
</Directory>
Not sure if it needs the directory wrapper.
>
Neil
Neil Herber
Corporate info at http://www.eton.ca/
Eton Systems, 15 Pinepoint Drive, Nepean, ON, Canada K2H 6B1
Tel: (613) 829-4668
More information about the pmwiki-users
mailing list