ProblemYou want to make sure that files outside of your web directory are not accessible. SolutionFor Unixish systems: <Directory /> Order deny,allow Deny from all AllowOverride None Options None </Directory> For Windows systems: <Directory C:/> Order deny,allow Deny from all AllowOverride None Options None </Directory> Repeat for each drive letter on the system. DiscussionGood security technique is to deny access to everything, and then selectively permit access where it is needed. By placing a Deny from all directive on the entire filesystem, you ensure that files cannot be loaded from any part of your filesystem unless you explicitly permit it, using a Allow from all directive applied to some other <Directory> section in your configuration. If you wanted to create an Alias to some other section of your filesystem, you would need to explicitly permit this with the following: Alias /example /var/example <Directory /var/example> Order allow,deny Allow from all </Directory> See Also
|