stackoom
  简体   繁体   中英

Apache2 reverse proxy block access to files

 原文  2020-11-03 16:02:18       linux/ apache2/ reverse-proxy

Question

I'm using Apache2 2.4.46 as a reverse proxy in front of a docker container (Reverse proxy itself is not inside container). The container comes with a WordPress installation. When I check the configuration with wpscan it shows me that there are some files presented that better should be hidden, like readme.txt or xmlrpc.php.

I try to hide them via directive:

<Files "readme.txt">
   Require all denied
</Files>

But that does not work. I have also tried the old version:

<Files "readme.txt">
   Order deny,allow
   Deny from all
</Files>

I want to secure them globally for this instance. So I tried to set it outside of a directive and also inside <Proxy "*">... directive.

All failed. Any ideas what to do? Or what could be wrong?

Regards olaf

1 answers

solution1
 0  2020-12-30 21:55:10

You should instruct proxypass to ignore urls using the "!" notation.

ProxyPass /public/forms/ !

Official documentation here: https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypass

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Deny access to all files except index file - Apache2 nginx as reverse proxy for runining apache Apache reverse proxy configuration issue How to set root access for all files put inside my Apache2 root directory? How to reverse access on a proxy server Configure Apache reverse proxy and regular virtual host Using Nginx as reverse proxy for wordpress on Apache in CentOS React app fails to run with Apache reverse proxy Multiple NIC's on apache2 web proxy server Apache Reverse Proxy for user customized http iFrames
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM