Category:Config | Category:Config -> Community | Category:Config -> Webserver
This page contains few configurations which might help in developing and providing security to the applications:
Disable directory listing
I heard that one of the “must do’s” on setting a secure apache webserver environment is to disable directory browsing. I want to do this. Do I carefully remove “Indexes” in my htpd.conf file and or change “Indexes” to “-Indexes”:
<Directory "/www/vhosts/localhost">
Options Indexes FollowSymLinks
Order allow,deny
Allow from all
</Directory>
to:
<Directory "/www/vhosts/localhost">
Options FollowSymLinks
Order allow,deny
Allow from all
</Directory>
or:
<Directory "/www/vhosts/localhost">
Options -Indexes FollowSymLinks
Order allow,deny
Allow from all
</Directory>
Then restart the server?
phpmyadmin
When we want to handle our phpmyadmin from remote client we can always use the following configurations in phpmyadmin.conf file of you apache webserver.
<IfModule php5_module>
Allow from all
</IfModule>
if you want to access it from only localhost, than
<IfModule php5_module>
Allow from 127.0.0.1
</IfModule>
Note: Always have a backup first. In any case you are responsible for missing configurations.