This is better <LocationMatch "/.+"> Redirect / http://foo.com </LocationMatch>
On 12/18/06, Leo Gil <[EMAIL PROTECTED]> wrote:
This did the work with Apache. I was trying to get rid of the semicolon but this seems better. <LocationMatch "/.+"> AllowOverride None Order deny,allow Deny from all Allow from none </LocationMatch> Now I have to decide between a tomcat 404 or an apache access denied Thanks again Leo On 12/18/06, Leo Gil <[EMAIL PROTECTED]> wrote: > > After hunting this problem down I found an easy fix on tomcat. So easy > that upsets me... > > Just setting listings to false did the trick on web.xml > > <init-param> > > <param-name>listings</param-name> > > <param-value>false</param-value> > > </init-param> > > I'm going to try LocationMatch it's better than displaying a tomcat 404 > > Thanks for your help > > Leo > On 12/18/06, Nick Kew < [EMAIL PROTECTED]> wrote: > > > > On Mon, 18 Dec 2006 18:26:06 -0500 > > "Leo Gil" < [EMAIL PROTECTED]> wrote: > > > > > Hi all, > > > > > > I have been trying to block the Tomcat directory listing > > vulnerability > > > using Apache's Directory with no success. > > > > No chance. <Directory> applies to local files, not anything > > served by tomcat. You want <LocationMatch>. > > > > > > -- > > Nick Kew > > > > Application Development with Apache - the Apache Modules Book > > http://www.apachetutor.org/ > > > > --------------------------------------------------------------------- > > The official User-To-User support forum of the Apache HTTP Server > > Project. > > See <URL:http://httpd.apache.org/userslist.html> for more info. > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > " from the digest: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > >
