diff --git a/sources/tech/20170126 Disable Apache Web Directory Listing Using .htaccess File.md b/sources/tech/20170126 Disable Apache Web Directory Listing Using .htaccess File.md deleted file mode 100644 index 2e52e28561..0000000000 --- a/sources/tech/20170126 Disable Apache Web Directory Listing Using .htaccess File.md +++ /dev/null @@ -1,103 +0,0 @@ -GHLandy Translating - -Disable Apache Web Directory Listing Using .htaccess File -============================================================ - -[Securing your apache web server][3] is one of the most important task, specially when you setting up a new website. - -For example, if you create a new website directory called “**tecmint**” under your Apache server (**/var/www/tecmint** or **/var/www/html/tecmint**) and forgot to place an “**index.html**” file in it, you may surprised to know that all your website visitors can get a complete listing of all your important files and folders simply by typing **http://www.example.com/tecmint** in the browser. - -In this article, we will show you how to disable or prevent directory listing of your Apache web server using **.htaccess** file. - -This is how directory listing will be shown to your visitors when **index.html** not present in it.. - -[ - ![Apache Directory Listing](http://www.tecmint.com/wp-content/uploads/2017/01/Apache-Directory-Listing.png) -][4] - -Apache Directory Listing - -For starters, **.htaccess** (or **hypertext access**) is a file which enables a website owner to control the server environment variables as well as other vital options to enhance functionality of his/her website(s). - -For additional information about this important file, read the following articles to secure your Apache web server using **.htaccess** method: - -1. [25 Apache Htaccess Tricks to Secure Apache Web Server][1] -2. [Password Protect Apache Web Directories Using .htaccess File][2] - -Using this simple method, the **.htaccess** file is created in any and/or every directory in the website directory tree and provide features to the top directory, subdirectories and files inside them. - -First of all, activate the **.htaccess** file for your website in master apache configuration file. - -``` -$ sudo vi /etc/apache2/apache2.conf #On Debian/Ubuntu systems -$ sudo vi /etc/httpd/conf/httpd.conf #On RHEL/CentOS systems -``` - -Then look for the section below, where the value of the `AllowOverride` directive must be set to `AllowOverride All`. - -``` - -Options Indexes FollowSymLinks -AllowOverride All - -``` - -However, if you have an existing **.htaccess** file, make a backup of it as follows; assuming you have it in **/var/www/html/tecmint/**( and want to disable listing of this directory): - -``` -$ sudo cp /var/www/html/tecmint/.htaccess /var/www/html/tecmint/.htaccess.orig -``` - -Then you can open (or create ) it in the particular directory for modification using your favorite editor, and add the line below to turn off Apache directory listing: - -``` -Options -Indexes -``` - -Next restart the Apache web server: - -``` --------- On SystemD based systems -------- -$ sudo systemctl restart apache2 -$ sudo systemctl restart httpd --------- On SysVInit based systems -------- -$ sudo /etc/init.d/apache2 restart -$ sudo /etc/init.d/httpd restart -``` - -Now verify the result by typing **http://www.example.com/tecmint** in the browser, you should get a message similar to the following. - -[ - ![Apache Directory Listing Disabled](http://www.tecmint.com/wp-content/uploads/2017/01/Apache-Directory-Listing-Disabled.png) -][5] - -Apache Directory Listing Disabled - -That’s all! In this article, we described how to disable directory listing in Apache web server using **.htaccess** file. We will also cover two other useful as well as easy methods for the same purpose in upcoming articles, until then, stay connected. - -As usual, make use of the feedback form below to send us your thoughts about this tutorial. - --------------------------------------------------------------------------------- - -作者简介: - -Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge. - -------------------------------------- - - - -via: http://www.tecmint.com/disable-apache-directory-listing-htaccess/ - -作者:[Aaron Kili][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.tecmint.com/author/aaronkili/ -[1]:http://www.tecmint.com/apache-htaccess-tricks/ -[2]:http://www.tecmint.com/password-protect-apache-web-directories-using-htaccess/ -[3]:http://www.tecmint.com/apache-security-tips/ -[4]:http://www.tecmint.com/wp-content/uploads/2017/01/Apache-Directory-Listing.png -[5]:http://www.tecmint.com/wp-content/uploads/2017/01/Apache-Directory-Listing-Disabled.png diff --git a/translated/tech/20170126 Disable Apache Web Directory Listing Using .htaccess File.md b/translated/tech/20170126 Disable Apache Web Directory Listing Using .htaccess File.md new file mode 100644 index 0000000000..46d0514373 --- /dev/null +++ b/translated/tech/20170126 Disable Apache Web Directory Listing Using .htaccess File.md @@ -0,0 +1,90 @@ +使用 .htaccess 文件禁用 Web 目录列举 +=========== + +[确保 Apache web 服务器安全][3] 是最重要的任务之一,特别是在你的网站刚刚搭建好的时侯。 + +比方说,如果你 Apache 服务目录 (**/var/www/tecmint** or **/var/www/html/tecmint**) 下创建一个名为“**tecmint**”的目录,并且忘记在该目录放置“**index.html**”,你会惊奇的发现所有访问者都可以在浏览器输入 **http://www.example.com/tecmint** 来完整列举所以在该目录的重要文件和文件夹。 + +本文将为你展示如何使用 **.htaccess** 文件禁用或阻止 Apache 服务器目录列举。 +一下便是不存在 **index.html** ,且未采取防范措施前,目录的列举详情。 + +[![Apache 目录列举](http://www.tecmint.com/wp-content/uploads/2017/01/Apache-Directory-Listing.png)][4] + +Apache 目录列举 + +首先,**.htaccess**  (**超文本 access**) 是一个文件,可以让站点管理员控制服务器的环境变量以及其他的重要选项,用以增强他/她的站点功能。 + +预知更多关于该重要文件的信息,请阅读以下文章,以便通过 **.htaccess** 的方法来确保 Apache Web 服务器的安全。 + +1. [确保 Apache Web 服务器安全的 25 条 .htaccess 设置技巧][1] +2. [使用 .htaccess 为 Apache Web 目录进行密码保护][2] + +使用这一简单方法,在站点目录树中的 任意/每个 目录创建 **.htaccess** 文件,以便为站点该目录、子目录和其中的文件提供保护支持。 + +首先要 Apache 主配置文件中为你的站点启用 **.htaccess** 文件。 + +``` +$ sudo vi /etc/apache2/apache2.conf #Debian/Ubuntu 系统 +$ sudo vi /etc/httpd/conf/httpd.conf #RHEL/CentOS 系统 +``` +然后寻找以下部分,其中 `AllowOverride` 指令必须设置为 `AllowOverride All`。 + +``` + +Options Indexes FollowSymLinks +AllowOverride All + +``` +如果已存在 **.htaccess** 文件,先备份(如下),假设文件在 **/var/www/html/tecmint/** (并要禁用该目录列举): + +``` +$ sudo cp /var/www/html/tecmint/.htaccess /var/www/html/tecmint/.htaccess.orig +``` +然后你就可以在某个特定的目录使用你喜欢的编辑器打开 (或创建) 它,以便修改。并添加以下内容来关闭目录列举。 + +``` +Options -Indexes +``` + +下一步就是重启 Apache Web 服务器: + +``` +-------- 使用 SystemD 的系统 -------- +$ sudo systemctl restart apache2 +$ sudo systemctl restart httpd +-------- 使用 systems 的系统 -------- +$ sudo /etc/init.d/apache2 restart +$ sudo /etc/init.d/httpd restart +``` + +现在来验证效果,在浏览器中输入:**http://www.example.com/tecmint**,你会得打类似如下的信息: + +[![Apache 目录列举已禁用](http://www.tecmint.com/wp-content/uploads/2017/01/Apache-Directory-Listing-Disabled.png)][5] + +Apache 目录列举已禁用 + +至此,文毕。在本文中,我们描述了如何使用 **.htaccess** 文件来禁用 Apache Web 服务器的目录列举。之后我们会介绍两种同样简单的我方法来实现这一相同目的。随时保持联系。 + + +像往常一样,在下方反馈表单中给我们发送关于本文的任何想法。 +-------------- + +作者简介: + +Aaron Kili 是一名 Linux 和 F.O.S.S 忠实拥护者、未来的 Linux 系统管理员、Web 开发者,目前是 TecMint 的原创作者,热衷于计算机并乐于知识分享。 + +------------- + +译者简介: + +[GHLandy](http://GHLandy.com) - 生活中所以欢乐与苦闷都应藏在心中,有些事儿注定无人知晓,自己也无从说起。 + +------------- + +via: http://www.tecmint.com/disable-apache-directory-listing-htaccess/ + +作者:[Aaron Kili][a] +译者:[GHLandy](https://github.com/GHLandy) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProje) 原创编译,[Linux中国](https://linux.cn) 荣誉推出