发表新帖
发表新帖

Anyway protecting your site from external site scandir

后端 未结
关注
2 1235
渐次进展
渐次进展 2021-01-28 00:55

Just came across to a website that lists all hidden files. I utilized Facebooks directory called: \"hashtag/\" and the results showed a whole bunch of files from http://www.face

2条回答
  • 走了就别回头了
    走了就别回头了 (楼主)
    2021-01-28 01:10

    The main option is Indexes you can turn them off in your .htaccess with

    Options -Indexes

    The second option is blocking Deny

    Order Deny,Allow
Deny from All

    Say you have a folder called inc that holds some files that you don't want accessible via a url but you want your other PHP scripts to be able to include them you toss this rule in an .htaccess file in your inc folder.

    Here is a link to a great resource on .htaccess rules https://github.com/phanan/htaccess

    0 讨论(0)
 看不清?
提交回复
热议问题