[pmwiki-users] farm security

Neil Herber nospam at eton.ca
Wed Mar 16 13:19:49 CST 2005


At 2005-03-16  07:02 PM +0000, Hans is rumored to have said:
>Wednesday, March 16, 2005, 6:54:50 PM, Neil wrote:
>
> > I think you need to turn off Apache directory indexing in the farm
> > directory. On my setup, indexing is off by default and I have to turn it on
> > where desired. Seems like the safest way to me.
>
> > I also explicitly put pmwiki.php off limits in the farm directory, like so:
>
> > ### --- prevent execution of PmWiki in farm from anywhere -----
> > <Directory "filepathto/farm/pmwiki">
> >          <Files pmwiki.php>
> >                  Order allow,deny
> >                  Deny from all
> >          </Files>
> > </Directory>
>
>Hi Neil,
>
>The site is on a public server, I can't do anything to Apache.
>I can create .htacess files though.
>How do I turn off directory indexing?

The hard way is to read this:

http://httpd.apache.org/docs-2.0/mod/core.html#options

I don't use directory-level .htaccess files, but I think you need to put 
this in .htaccess for the directory:

  <Directory /????>
         Options -Indexes
</Directory>

Not sure if it needs the directory wrapper.

>

Neil

Neil Herber
Corporate info at http://www.eton.ca/
Eton Systems, 15 Pinepoint Drive, Nepean, ON, Canada K2H 6B1
Tel: (613) 829-4668 




More information about the pmwiki-users mailing list