Apache - directory browsing gives 404
With no .htaccess files and Options FollowSymLinks MultiViews Indexes followed by AllowOverride None in the vhost configuration, I'm getting 404 responses from directory listings. Are there some specific modules I need for directory listings?
My active modules are:
authz_host
deflate
dir
env
expires
headers
mime
mod-security
negotiation
php5
reqtimeout
rewrite
setenvif
ssl
unique_id
VHost Configuration:
<VirtualHost *:443>
# SSL
SSLEngine On
SSLCertificateKeyFile /dir/ssl/ssl.key
SSLCertificateFile /dir/ssl/ssl.crt
SSLSessionCacheTimeout 300
</VirtualHost>
<VirtualHost *:80 *:443>
ServerAdmin webmaster@localhost
ServerAlias domain.tld *.domain.tld
ServerName cl.domain.tld
# Just a few connection resets so that I don't waste my bandwidth on "hackers"
SecRuleEngine On
SecRule &REQUEST_HEADERS:User-Agent "@eq 0" drop,phase:1
SecRule REQUEST_HEADERS:User-Agent "^$" drop,phase:1
SecRule REQUEST_LINE "://" drop,phase:1
SecRule REQUEST_URI "^/admin" drop,phase:1
SecRule REQUEST_URI "^/mail" drop,phase:1
SecRule REQUEST_URI "^/webmail" drop,phase:1
SecRule REQUEST_URI \\\\ drop,phase:1
SecRule REQUEST_METHOD !^GET$ chain,drop,phase:1
SecRule REQUEST_METHOD !^HEAD$ chain
SecRule REQUEST_METHOD !^POST$
<Directory /dir/public_html/>
Options FollowSymLinks MultiViews Indexes
Order allow,deny
allow from all
</Directory>
DocumentRoot /dir/public_html
</VirtualHost>
With no .htaccess files and Options FollowSymLinks MultiViews Indexes followed by AllowOverride None in the vhost configuration, I'm getting 404 responses from directory listings. Are there some specific modules I need for directory listings?
My active modules are:
authz_host
deflate
dir
env
expires
headers
mime
mod-security
negotiation
php5
reqtimeout
rewrite
setenvif
ssl
unique_id
VHost Configuration:
<VirtualHost *:443>
# SSL
SSLEngine On
SSLCertificateKeyFile /dir/ssl/ssl.key
SSLCertificateFile /dir/ssl/ssl.crt
SSLSessionCacheTimeout 300
</VirtualHost>
<VirtualHost *:80 *:443>
ServerAdmin webmaster@localhost
ServerAlias domain.tld *.domain.tld
ServerName cl.domain.tld
# Just a few connection resets so that I don't waste my bandwidth on "hackers"
SecRuleEngine On
SecRule &REQUEST_HEADERS:User-Agent "@eq 0" drop,phase:1
SecRule REQUEST_HEADERS:User-Agent "^$" drop,phase:1
SecRule REQUEST_LINE "://" drop,phase:1
SecRule REQUEST_URI "^/admin" drop,phase:1
SecRule REQUEST_URI "^/mail" drop,phase:1
SecRule REQUEST_URI "^/webmail" drop,phase:1
SecRule REQUEST_URI \\\\ drop,phase:1
SecRule REQUEST_METHOD !^GET$ chain,drop,phase:1
SecRule REQUEST_METHOD !^HEAD$ chain
SecRule REQUEST_METHOD !^POST$
<Directory /dir/public_html/>
Options FollowSymLinks MultiViews Indexes
Order allow,deny
allow from all
</Directory>
DocumentRoot /dir/public_html
</VirtualHost>
No comments:
Post a Comment