Apache 2.4 - How to deny access to DocumentRoot but allow 'trailing slash' access to DirectoryIndex file
Question
In my Apache 2.4 VirtualHost configuration, I'd like to - by default - deny access to everything in the DocumentRoot that I do not enable explicitly. To that end, I have written:
DocumentRoot /var/www
<Directory "/var/www">
Require all denied
<Files "index.html">
Require all granted
</Files>
</Directory>
This enables direct access to http://myserver.example/index.html , but results in a 403 response for indirect access to http://myserver.example/ .
How can I correct this behaviour?
1 answers
solution1
1 2019-11-25 20:03:13
Following the hint that I "did not explicitly allow / ", resulting in it being forbidden set me on the right track to solve this. Adding a LocationMatch directive that deals with the trailing slash exclusively results in the desired behaviour:
DocumentRoot /var/www
<Directory "/var/www/">
Require all denied
<Files "index.html">
Require all granted
</Files>
</Directory>
# Regex anchored at string beginning and end
# -> only matches "/"
<LocationMatch "^/$">
Require all granted
</LocationMatch>
Note that adding a <Files "/"> directive does not work, probably because the accessed resource is not really a file. Neither is <Location /> the right thing, because it would be applied to the entire VirtualHost.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.