Apache Tightening

-->

We don't want apache to display emacs' backup (~) and auto-save (#) directories or files.

Secondly, but less importantly, we don't want it to even display that such files exist when it shows directery listings.

These are my half-baked ideas on how to accomplish the same.

Just before the "DocumentRoot" /var/www declaration, I declare (minor modifications of) this:

2005-09-08 T11:22:20-0400 (Thursday)    D. Goel




RewriteEngine on
test: reject everything:
(RewriteRule (.*)  http://www.google.com/forbidden.html)




¹ reject all dotted files and directories:
RewriteRule (/\.)  http://www.google.com/forbidden.html




² reject all directories ending in ~
RewriteRule (~/)  http://www.google.com/forbidden.html




³ reject all files ending in ~
RewriteRule (~$)  http://www.google.com/forbidden.html




⁴ reject all files starting with #
this is wrong ... # is an anchor 
RewriteRule (/#)  http://www.google.com/forbidden.html




⁵ also, don't forget   stuff like 
IndexIgnore .??* ~ # RCS CVS ,v ,t
at appropriate places to hide directory listings

TODO: apache already seems to hide files beginning with # in directory listing. What about preventing displays if the usoer provides an explicit URL?

Notes:

This will not work for virtualhosts, unless declared within that section.
Don't forget to check each case for your server... in fact, check every 6 months, and try out all vhosts and all sections for each case.

Drbacchus: Rewriting is overkill. Rather, Use things like:

 <FilesMatch ^[.~#]>
  deny from all
 endtag for FilesMatch

That will also remove them from directory listings, if you're using 2.0. If not, then IndexIgnore will do so.

With thanks to: kon on #debian_, drbacchus and fajita on #apache

Updated: 2005-09-08

Home / Index