[prev in list] [next in list] [prev in thread] [next in thread]
List: jetspeed-user
Subject: RE: Minor Security Detail
From: "Holger Dewes" <h.dewes () insiders ! de>
Date: 2003-11-24 8:47:03
[Download RAW message or body]
> -----Original Message-----
> From: Jim Wight [mailto:jwight@telus.net]
> Sent: Sunday, November 23, 2003 5:47 AM
> To: Jim Wight
> Subject: Minor Security Detail
>
>
> Hi
>
> If someone knows my directory structure on the web server;
> they can go to that directory directly and view all the pages
> and directories below.
>
> Eg.
> If I go to the website http://web-foot.com:8080/web-foot I
> get my home page. If I go to
> http://web-foot.com:8080/web-> foot/a_directory/ I get a
> directory display.
>
> Is there an
> easy way to fix
This depends on the configuration of your web server. For tomcat, e.g.,
you have to set
<init-param>
<param-name>listings</param-name>
<param-value>false</param-value>
</init-param>
for the default servlet. For other web servers, have a look in the
documentation.
--
Holger Dewes
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic