Force directory listing even if index.html is present
If you are using apache, and you have a index file specified (which is present), there is no way to trick apache into not using the index file. It will simply cause a 404.
Some frameworks put a index.php file into every single directory, with as little content as this:
<?php
// silence is golden
?>
The simple reason to actually put a file, is that although most (95%) webservers outthere are apache, there are a few, that arent. A few of these does not support .htaccess settings, that commonly is used to deny directory listing.
The directory view you are seeing is most likely caused by the option Indexes option in your website, and be easily disabled by removing it totally, or creating a .htaccess file with the following contents:
Options -Indexes
Related videos on Youtube
01 : 22
04 : 39
07 : 38
01 : 48
01 : 29
dukevin
Updated on September 18, 2022Comments
-
dukevin almost 2 years
I have some files in my /www/ directory. Is it true that by simply putting an index.html into that directory, the rest of the files are now "protected from public"? Could an outside hacker still force directory listing or gain access to those files? How would they do it if it were possible?
I'm aware of the ways to make my filesystem secure, but I was wondering to what extent does just putting an index file have on protecting files/directory listing.
-
Ladadadada about 12 yearsActually, more like 65% are Apache.
-
Braiam almost 7 years@Ladadadada not anymore news.netcraft.com/archives/2017/07/20/…
