How to make Apache more secure by hiding directory folders
You have Apache set up and serving your sites to perfection. Or so you thought.
A team member informs you she can navigate through the folder hierarchy of your Apache server. This could end in security issues you don’t want to face.
The fix for this is quite easy and allows you to do it for individual sites or for your document root (i.e., the default location where your Apache sites are served from). There are two easy methods of achieving this; I’ll show you both.
I assume you have Apache running and serving up sites. I also assume you have sites in standard and nonstandard locations. For the sake of this example, our server will have a document root of /var/www/ and our nonstandard sites will be served from /srv/www. My demo will be with Apache2 on…