[3564] in WWW Security List Archive
Re: Alta Vista may or may not harvest unadvertised documents
daemon@ATHENA.MIT.EDU (Ben Laurie)
Sat Nov 16 09:29:29 1996
To: John Robert LoVerso <loverso@osf.org>
Date: Sat, 16 Nov 1996 10:57:45 +0000 (GMT)
From: Ben Laurie <ben@gonzo.ben.algroup.co.uk>
Cc: dwm@xpasc.com, smb@research.att.com, CHESS@watson.ibm.com,
www-security@ns2.rutgers.edu
In-Reply-To: <199611151301.IAA32149@postman.osf.org> from "John Robert LoVerso" at Nov 15, 96 08:01:17 am
Reply-To: ben@algroup.co.uk
Errors-To: owner-www-security@ns2.rutgers.edu
John Robert LoVerso wrote:
>
> smb wrote:
> > Blatant assertion: servers should refuse to deal with directories without
> > explicit index.html files. If it's not there, the directory won't be
>
> In fact, NCSA and Apache do this. Just take the "Options Indexes" out of
> srm.conf. If you add "AllowOverride Indexes" then you can enable indexing
> on a per directory basis by putting "Options Indexes" in the .htaccess file.
> Since the server will walk up a file tree until it finds a .htaccess file,
> then you can allow indexing on a whole tree by just putting a single
> .htaccess at the root.
>
> Too bad there is no way to say "Options NoIndexes".
There is in Apache 1.2: "Options -Indexes".
Cheers,
Ben
--
Ben Laurie Phone: +44 (181) 994 6435 Email: ben@algroup.co.uk
Freelance Consultant and Fax: +44 (181) 994 6472
Technical Director URL: http://www.algroup.co.uk/Apache-SSL
A.L. Digital Ltd, Apache Group member (http://www.apache.org)
London, England. Apache-SSL author
