Security :: How To Disable Directory Indexing
May 4, 2010
I'm concerning about my web server, I use nikto to see where should I improve my configurations, then I just know my web server is enable directory indexing. I have searched and found that I should just put
Code:
Options -Indexes to disable directory indexing. I have already restart apache but directory indexing still enable here is my httpd.conf Where did I wrong ?
Code:
ServerTokens OS
ServerRoot "/etc/httpd"
PidFile run/httpd.pid
[code]....
View 6 Replies
ADVERTISEMENT
Jul 7, 2010
is there a way to disable indexing on 10.04?
View 2 Replies
View Related
Jan 26, 2010
I want to enable directory indexing in "/var/www/html/" [dont want to use index.html or something else htm or php file , just want to show all files and folders when browsing http://localhost ] security risk but i damn care about it.
Code:
1- Using Fedora 12
2- Apache version 2.2.14-1 .fc12.i686
3- SELINUX=disabled
getsebool -a | grep http
[code]....
View 6 Replies
View Related
Jul 13, 2010
I am learning SELinux from LinuxCBT and I'm stuck at one place. Now video is on RHEL 4 (so tell me if things has changed since, cause I can't find anything related) shows how to disable SELinux security on httpd.first I don't know diff between initrc_t and uncofined_t; and second I don't know if something is wrong is everything is all right.
View 1 Replies
View Related
May 30, 2011
I'm using openSUSE 11.4 (x86_64) with KDE: 4.6.00 (4.6.0) "release 6"Everytime I visit a direcotorya hidden file ".directory" is created. How to disable that? Is There a possibility to disable that behaviour only for public_html directory
View 9 Replies
View Related
Jul 29, 2010
I remove "Index" in my /etc/apache2/sites-enabled/000-default file in order users not to be able to browse directories. I have sym link of a folder in /var/www/test (test is the symlinked folder). If I write in the address bar of the browser http://x.x.x.x/album/img_name.jgp I can see the picture, but I want contents not to be available. Is that different from file browsing and how to disable it?
View 8 Replies
View Related
Feb 11, 2011
Is there a way to modify the ssh_config and sshd_config files so that a user can scp but will not be allowed to ssh. I have done a search and found a tool name scponly but I really do not want to install anything. Most of the books I have only discuss how to use ssh.
View 3 Replies
View Related
Mar 9, 2010
I need disable usb port access in ubuntu9.10. how to disable usb port in ubuntu9.10
View 9 Replies
View Related
Jun 15, 2010
I currently have a user on my Ubuntu server that I want to block completely from login. I know right now they login with SSH keys so they don't need to enter their SSH password. Can anyone tell me how to remove the SSH key login for their username and root user which I believe they use too and block SSH access alltogether.I will then just change the root SSH password.I'm terrified they will do some harm so I need them blocked out ASAP.
View 7 Replies
View Related
Aug 9, 2010
Anyone know how to disable IPv6 but still use IPv4?
View 6 Replies
View Related
Sep 3, 2010
I've made an SSH server using OpenSSH on my desktop Ubuntu (10.4) for tunneling. However, I'm noticing that the public account I made for my SSH (one to give to friends to use proxy) has SFTP access to crucial system files. I'm okay with SFTP being enabled on my account, but not on this public account. Does anyone know of anyway to either disable SFTP to that user, or restrict access to important files?
View 4 Replies
View Related
Jun 19, 2011
Set up a few machines yesterday to test out some parallel code. Just for fun, I selected the "encrypt users files" option when setting up Ubuntu (10.10). I had never used the option in years past. Now I'm finding it a pain. EG., ssh requires me to already have a login to the machine before it will let me log in w/o a password (eg., using id_rsa.pub and authorized_keys).
Similarly, I have no reason to encrypt files on these machines. They're just crunching numbers. Is there an easy way to disable this? Or do I need to delete my original user and make another one (with all the su privelages, etc...) w/o an encrypted file system / home directory.
View 1 Replies
View Related
Dec 15, 2010
I use Ubuntu on my netbook, which I uses for browsing and email. It's way faster than the Windows which came on the machine. That's a nice feature, as is the price.
I like it except for the constant, perpetual, ever-present, super-annoying need to be entering passwords and "becoming root user" and so on. I am the only one using this appliance. I don't even care if someone steals it, really. There must be some way (I hope) of disabling this idea that I am a CIA agent with TopSecret materials.
I just want a simple, easy to use appliance. If not Ubuntu, is there any distro that is aimed at normal people?
View 14 Replies
View Related
Apr 7, 2010
I just want to disable rm command for an user..Root only need to use that
View 14 Replies
View Related
Mar 5, 2011
I am using Fedora. I want to disable Linux iptables permanently. Normally when I reboot my pc the iptable service is on. how can I disable even I turn reboot the pc.
View 6 Replies
View Related
Feb 5, 2010
I read somewhere that 'sync' and 'who' commands in linux should be disabled. While i can understand that for the 'who' command, why so for 'sync'?
I can find sync and who as one of shell commands, whereas also in /bin/sync and /usr/bin/who. Are the shell commands and those in bin directory meant to serve the same purpose?
Finally, how can i disable these commands?
View 4 Replies
View Related
Mar 11, 2010
I've enabled the root account on Ubuntu 9.10, however I want to stop it from being used to login via GDM. 9.10 seems to have a different GDM version, how can I carry this out under 9.10
View 9 Replies
View Related
Aug 8, 2010
Inspite i have read through the sticky link but i have a query.
Example,
If you have your firefox under enforce mode in apparmor,are you still able to install an update / addon to it to a newer version.
If not,how to disable the apparmor in firefox.Is it as below?
Code:
View 9 Replies
View Related
Jan 22, 2011
I have tried everything to disable automatic login from the login screen (gdm). I've changed my password, I've changed the settings in System -> Admin ->Login Screen, and I've edited /etc/gdm/custom.conf (gdm.conf doesn't exist, but I created it just in case!).No auto login is set up, but I can't get it to ask for my password. This is affecting my ability to switch sessions, as I can't switch sessions without clicking on my name in gdm, and because it's set to auto login,
View 4 Replies
View Related
Feb 17, 2011
How do I disable showing Usernames? I want to be prompted for BOTH un and pw. If it is necessary I could just change it so that it boots into a fullscreen terminal so that you would have to input "startx" and then username and password. Or I could just change it through gui or 3rd party software.
View 7 Replies
View Related
Apr 3, 2011
having a slow internet connection, I bought the all maverick repository on DVDs, copied the files on a usb drive and modified the apt sources file to consider the local repository only:
Code:
# deb file:/var/www/ubuntu_local/ ./
deb file:/var/www/maverick/dvd1/ maverick main universe restricted multiverse
deb file:/var/www/maverick/dvd2/ maverick main universe restricted multiverse
deb file:/var/www/maverick/dvd3/ maverick main universe restricted multiverse
[code]....
Even though I am reasonably sure it is safe, this local repository is not authenticated and I can only install package through the command line or synaptic, the Ubuntu Software Centre giving an error message "Requires installation of untrusted packages"...I thus would like to disable the apt authentication check for this local repository.
View 2 Replies
View Related
May 11, 2011
I wish to prevent a user account with sudo rights from mounting attached storage, i managed todo this with ubuntu Version 8 using gnome-polkit i think it was, however i'm not able todo this in 11.04 now , has anyone got a direction i can look in, i googled alot but my searches all come up with auto mounting or how to mount drives
View 1 Replies
View Related
Sep 4, 2010
Is there anyway I can disable an account from being logged in via Putty, but permits someone else to "su" into the account? For example, an application is being run as "app_account". Because there will be multiple people administering this application and the password is shared for this "app_account", I want to disable 1st level login for it. I want to make it such that only the permitted people can "su - app_account", once they have logged into their personal account. How can I do this? If I set app_account's shell to /sbin/nologin, the users are also not allowed to do "su - app_account".
View 2 Replies
View Related
Feb 25, 2011
I want to disable the remote login for particular user id in linux server.
View 11 Replies
View Related
Dec 28, 2010
I have a VMware farm where:
- DHCP is in use to give machines IPs
- Machines go up and down all the time
- All IPs are on a certain subnet
- VMs update DNS (we don't go by IP)
- SSH is in use
I would like to disable StrictHostKeyChecking only for this subnet, because IPs change all the time and editing known_hosts usually only works for a few days before the IP changes again, and once I get enough entries, there are tons of conflicts.
I tried the following in ~/.ssh/config:
Code:
Host 10.0.217.*
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
[Code]....
View 10 Replies
View Related
Jan 12, 2009
It seem like unix abit annoying every time you log in you need to password can I disable it
View 10 Replies
View Related
Apr 4, 2009
Remote root login is enabled. How do I disable this
View 14 Replies
View Related
Jul 12, 2009
I'm not necessarily gonna do this, but I have to know. Is there a way to make the system not complain about every single freaking password you try to use? Make it so that any regular user could make "hello" their password without complaint? Like I said, I won't necessarily do it, but I have to know if it can be done.I did some searching and found the su -c "passwd username" trick, which is working for right now (I have root access but a user account I made for a friend doesn't)... it's just irritating when it won't even let him use something like "snuh123" because it seems to think it's based on a (reversed) dictionary word. Any use of a dictionary word, even with other chars, fails
View 6 Replies
View Related
Aug 17, 2009
I plan to install vmware but I had some problems...So I looked over the internet and I found that I must disable selinux....is this true? It means that I must have to disable the selinux for ever? And then, will my System be safe?
View 6 Replies
View Related
Feb 22, 2010
I wanted to disable root logins in console, so I searched for that. I found that if I change root's bash to "/sbin/nologin" in "/etc/passwd", root user will not be able to login. So I did that. But when I wanted to use sudo command, it didn't show me root bash, but it only do the same thing as logging in as root in single user mode (shows message that this account is disabled). So, how I can disable root logins, but keep enabled sudo command for standard users?
View 6 Replies
View Related
