[英]Apache 2.4 - How to deny access to DocumentRoot but allow 'trailing slash' access to DirectoryIndex file
In my Apache 2.4 VirtualHost configuration, I'd like to - by default - deny access to everything in the DocumentRoot
that I do not enable explicitly.在我的 Apache 2.4 VirtualHost 配置中,我想 - 默认情况下 - 拒绝访问我没有明确启用的
DocumentRoot
中的所有内容。 To that end, I have written:为此,我写道:
DocumentRoot /var/www
<Directory "/var/www">
Require all denied
<Files "index.html">
Require all granted
</Files>
</Directory>
This enables direct access to http://myserver.example/index.html
, but results in a 403
response for indirect access to http://myserver.example/
.这允许直接访问
http://myserver.example/index.html
,但会导致403
响应间接访问http://myserver.example/
。
How can I correct this behaviour?我该如何纠正这种行为?
Following the hint that I "did not explicitly allow /
", resulting in it being forbidden set me on the right track to solve this.遵循我“没有明确允许
/
”的提示,导致它被禁止让我走上解决这个问题的正确轨道。 Adding a LocationMatch
directive that deals with the trailing slash exclusively results in the desired behaviour:添加专门处理尾部斜杠的
LocationMatch
指令会导致所需的行为:
DocumentRoot /var/www
<Directory "/var/www/">
Require all denied
<Files "index.html">
Require all granted
</Files>
</Directory>
# Regex anchored at string beginning and end
# -> only matches "/"
<LocationMatch "^/$">
Require all granted
</LocationMatch>
Note that adding a <Files "/">
directive does not work, probably because the accessed resource is not really a file.请注意,添加
<Files "/">
指令不起作用,可能是因为访问的资源不是真正的文件。 Neither is <Location />
the right thing, because it would be applied to the entire VirtualHost. <Location />
也不是正确的,因为它将应用于整个 VirtualHost。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.