The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Removing Default "Index of" Setting on Apache

Discussion in 'Security' started by reefine, Sep 7, 2010.

  1. reefine

    reefine Registered

    Joined:
    Sep 7, 2010
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Hi,

    I am trying to get rid of the default setting that shows all files/folders "index of" default for a directory that has no index file.

    How do I do this?

    This should be default setup for cPanel installations... I am very surprised it is not! Huge security flaw!

    Thanks,
    Reefine
     
  2. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Apache directory indexes can be disabled by default using WebHost Manager (WHM) via the following menu path (with linked documentation):
    WHM: Main >> Service Configuration >> Apache Configuration >> Global Configuration
    • Directory '/' Options >> Untick (uncheck) "Indexes" >> Save
     
  3. reefine

    reefine Registered

    Joined:
    Sep 7, 2010
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Thanks. Worked!

    Why is this not default? This is a major security flaw. I feel sorry for users who do not know much about cPanel who are the administrators of their server..

    cPanel is excellent software but lacks:

    - Default configuration (for all files) optimized for security
    - Grammar checking (I noticed they spell "automatically" - "automagically" many times... very annoying)

    I have had to spend 12 hours optimizing cPanel to make it secure.. not very good with latest stable release :-/
     
  4. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    If there is a specific setting you would like enabled by default, such as one related to security, I would consider posting a feature request (one per thread) in the following forums area to help gather interest and spur discussion: Feature Requests for cPanel and WHM - cPanel Forums

    Regarding typos, if you see any that may have been missed please let us know; we greatly appreciate your feedback especially when reporting an issue. We have a dedicated link in the upper right corner of the forums, labeled Bugs, that can be used to Submit a Bug Report.

    Please note that while using the cPanel STABLE release tier there may be a longer wait until updates, including typo corrections, reach your system; this is because each update is first tested in other release tiers (AKA build trees), including EDGE, CURRENT, and RELEASE, before they may reach STABLE. Reference: cPanel/WHM Versions and Release Process
     
  5. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Automagically is a word (not a grammatical error). The most commonly accepted first use of the term in writing is considered to have taken place in 1987: Advanced structured analysis and design - Google Books
     
Loading...

Share This Page