You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by Jim Wight <jw...@telus.net> on 2003/11/23 05:47:13 UTC
Minor Security Detail
Hi
If someone knows my directory structure on the web server; they can go to
that
directory directly and view all the pages and directories below.
Eg.
If I go to the website http://web-foot.com:8080/web-foot I get my home page.
If I go to http://web-foot.com:8080/web-foot/a_directory/ I get a directory
display.
Is there an easy way to fix
Thanks
Jim Wight
http://web-foot.com
RE: Minor Security Detail
Posted by Holger Dewes <h....@insiders.de>.
> -----Original Message-----
> From: Jim Wight [mailto:jwight@telus.net]
> Sent: Sunday, November 23, 2003 5:47 AM
> To: Jim Wight
> Subject: Minor Security Detail
>
>
> Hi
>
> If someone knows my directory structure on the web server;
> they can go to that directory directly and view all the pages
> and directories below.
>
> Eg.
> If I go to the website http://web-foot.com:8080/web-foot I
> get my home page. If I go to
> http://web-foot.com:8080/web-> foot/a_directory/ I get a
> directory display.
>
> Is there an
> easy way to fix
This depends on the configuration of your web server. For tomcat, e.g.,
you have to set
<init-param>
<param-name>listings</param-name>
<param-value>false</param-value>
</init-param>
for the default servlet. For other web servers, have a look in the
documentation.
--
Holger Dewes
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org