How to Prevent Browsing, dir listing of a Specific Directory
Added by leegold over 12 years ago
Hi,
Ubuntu Server 10.04.4 LTS, Lighttpd 1.4.26.
How do I prevent browsing/dir listing of a specific directory and all directories under it? I see there's a command to stop it globally (I think: dir-listing.activate = "disable") but I want it for a specific directory and recursively for all dirs under a given "top" dir.
Also if someone guesses a file name I want to prevent downloading of that file in the given dir and recursively.
I only want access to content in the dirs via an internet browser after authentication with mod_auth.
Thank You, grateful for help.
Replies (1)
RE: How to Prevent Browsing, dir listing of a Specific Directory - Added by MarkoAmb over 12 years ago
Hi,
You can use per folder configuration in lighttpd.conf for example:
##Some directory authorization
$HTTP["url"] =~ "^/my-safe-directory/" {
auth.backend = "htdigest"
auth.backend.htdigest.userfile = "/etc/lighttpd/.passwd"
auth.require = ( "/monitor/" =>
(
"method" => "digest",
"realm" => "Authorized users only",
"require" => "valid-user"
)
)
}
This will ask for username and password when you browse to the http://yoursite.com/my-safe-directory/
(and also protect your files and folders recursively)
ps:
for generating users and passwords in the example above :
htpasswd /etc/lighttpd/.passwd use
( htpasswd --help or : http://www.inebraska.com/help/htaccess/htpasswd_ex.html)
Regards
Marko