Answer the question
In order to leave comments, you need to log in
N
N
narem2021-11-28 22:42:30
narem, 2021-11-28 22:42:30
How to forbid to walk on server files in the browser?
Now the server is configured so that if I go to ip/ in the browser and enter a folder or file name, if such a file exists, it will open in the browser. How to disable this feature so that a person cannot open the json config.
3 answer(s)
@narem
@firedragon
A
Alexander Karabanov, 2021-11-28 @narem
What web server are you using?
For Apache, this is a directive . Options -Indexes
For Nginx, this is a directive autoindex off;
. To completely prohibit access to a file from the outside, read about Allow and Deny.
V
Vladimir Korotenko, 2021-11-29 @firedragon
so the advice was good, but the devil is in the details.
if these json are requested by your scripts then everything will break.
It makes sense to overlap the php files that are included, or to enter something like an empty line in the header.
And in the general case, it makes sense to make static available to everyone. And api which is available only for tokens.
Similar questions
K
khataev2014-08-03 22:45:16
What is missing to display an image as the background of an html page?
4Reply
A
I
Ivan_korolev2015-07-07 11:20:56
What qualitatively new appeared in search engines after 2000?
7Reply
K
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question