Heya, how goes it? I have a straight forward ubuntu server running with a bunch of vhosts for multiple subdomains.
But when someone hits http://IP_ADDRESS/ directly, they see the full index of my /var/www/ directory where all the domain files are hosted.
I've searched high and low but can't figure out how to solve this. I know Options -Indexes is the solution but it's not listening to the ones I have in there, namely:
Options -Indexes
Any help would be really appreciated. Thanks!
What I do is just create a blank file named index.html and put it it /var/www
So simple, but effective.
The default server is the virst vitual server in the list of servers. It will catch all requests by ip address. In your case you should restrict the access using allow and deny statements. Access is probabably something like.
Replace the order and allow statements with something like.
You can add additional allow statements for your lan addresses if you like.
Try putting the
Options -Indexes
in the appropriateVHost
directive or in the.htaccess
file in /var/www. You can also just create an index file which the users will get instead of the directory listing. Finally, you can disable mod_autoindex.I always put an index.html to my site root as a safety belt. If I later move the site or the settings get modified, the directory listing won't get accidentally revealed. An index.html is a very simple and effective way to stop accidents happening. :-)