Ad Widget

**tcilmo** · 23-02-2018, 18:24

Originally posted by Epic555

Hi, how to prevent directory listing (directory browsing) of "https://myzabbix.com/icons/" web-page?
I found how to do it on Apache on RHEL7, but it doesn't work.
I created .htaccess file in /var/www/html/ and put "Options -Indexes" in it.
In httpd.conf in section <Directory "/var/www/html"> i put "AllowOverride All" and removed "Indexes" word in "Options FollowSymLinks".
But it didnt help.

This can be accomplished in a couple of ways. Add the following lines to the zabbix.conf file in /etc/httpd/conf.d

Code:

<Directory "/usr/share/httpd/icons">
    Require all denied
</Directory>

Now restart the httpd service.

I don't like the idea of adjusting the vendor provided file, so instead I would create my own conf file in /etc/httpd/conf.d.

Create zabbix_icons_dir.conf (or whatever you want to call it) and put the supplied code above it in and restart the httpd service.

This might be a bug\oversight in the config provided by Zabbix. However, the change could affect the application. I would certainly kick this around in a test environment before putting into production.

In case this was an accident by the vendor (other directories are protected), I opened a bug report.

**Epic555** · 26-02-2018, 06:15

I added to the zabbix.conf file in /etc/httpd/conf.d

Code:

<Directory "/usr/share/httpd/icons">
    Require all denied
</Directory>

But it didn't help.

I created a file zabbix_icons_dir.conf in /etc/httpd/conf.d.
It helped.
Thanks.

Ad Widget

Prevent directory listing (browsing)

Prevent directory listing (browsing)

Comment

Comment