Originally posted by: CTho9305
Originally posted by: bob332
could somebody recommend good reading for securing apache 2 (the latest version) for windows. it will be running on win2kpro, behind a router. the sites on it will be mostly static with one or two using php. any good advice on how to setup the conf doc would be extremely helpful. i have looked through the default conf and it doesn't state about how not to allow directory browsing. am i missing something? thanks in advance,
in the <directory /> section, put "Options -Indexes" to disable directory browsing. If you want some directories to be browsable, make there tehre is also the line "AllowOverride All". If you dont want to do it anywhere, use "AllowOverride None".
To override for a certain directory, create a file ".htaccess" and put the line "Options +Indexes" in it. this will allow you to browse that directory and its subdirectories only. AllowOverride None will prevent this from working though.