Default Deny Policy

To ensure that a default deny policy is in place on the web server, use the following configuration block:

<Directory /> Order Deny,Allow Deny from all </Directory>

Appropriate access control blocks should then be added to the configuration file to enable access to specific files and directories explicitly. This will ensure that any nonpublic files and directories accidentally left on the web server are not leaked onto the Internet. Do not use this to protect sensitive files, but more as an insurance setting. Don't place unnecessary files, directories, and information onto production systems to start with, and don't store temporary files created by the web application within the webspace of the web server.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment