Reputation: 3797
apache Web server directory hide documents
I have an apache server where I have disabled the ability to read the contents of a directory where you specify the directory path ie. http://www.domain.com/directory
I have renamed a directory that is not linked from any html pages to something ridiculously long and random and inserted a series of PDF's.
From my perspective unless someone knows the name of the directory and name of the pdf there is no chance they can view the PDF? Is this a somewhat safe assumnption? Are there scripts the little script kiddies can run remotely to view the directories off the root webdirectory and then contents or is this reasonably secure?
Upvotes: 0
Views: 236
Answers (1)
Reputation: 3989
What are the contents of these PDF's. If they contain sensitive or personal data, then your solution is probably not advisable i.e you need to make a impact assessment if data is comprimised.
In your scenario you should make sure that there is nothing in your configuration that enables directory listing of the above directory, so check any Options directives. Secondly, if you support requests to post data to ordinal url (i.e the directory) then makes sure you don't let a user post an .htaccess file that includes configuration enabling directory listing.
Upvotes: 1
Related Questions
- Hiding files with apache
- Hide folders with .htaccess
- How can i hide my files and folders as they can be seen as "Index of /test/admin" on my server
- Avoiding the users to be able to see a directory in php
- Disallow folder browsing but allow file requests (Apache)
- Protecting certain files and folders from view within a public folder
- How do you hide the folders in your websites public_html folder?
- How do I hide directories in Apache, specifically source-control?
- Lampp/Apache - Make files not available from htdocs folder via HTTP
- How to stop Apache from listing the contents of my user directories