SOLVED directory listings enabled in fog-installation
not a real problem, just a question: Is it intended, that directory listings in apache are not disabled (at least for the / directory)? When I connect to / on the fog-ip via http I can see the directories html/ and fog/
@Sebastian-Roth I guess I would have to spin up a new FOG server to see what problem we are trying to solve. I know there are people using their fog server for more than just imaging. If the problem is just to keep people from getting a directory listing of the web server root or landing on
http://<fog_server_ip>and seeing things we could just put a
index.phpfile in there to redirect to the fog management interface.
RedirectMatch "^/$" "/fog/"
Fairly straight forward and I would hope this doesn’t cause issues for existing installs. Though I am not exactly sure as many people use their FOG server for booting Live distros and we don’t know for sure how they setup it up. But the rule is very distinct and shouldn’t cause problems I would think. Except if you use the apache webserver to serve another website on that same server.
I’ve addressed this on my FOG servers as follows:
First edit the FOG apache file at /etc/apache2/sites-available/001-fog.conf to enable htaccess to work
Add a new <Directory> stanza linked to the root of the site underneath the existing <Directory> stanza so it looks like this:
<Directory /var/www/fog/> DirectoryIndex index.php index.html index.htm </Directory> <Directory /var/www/> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory>
Restart apache then create an htaccess file
sudo systemctl restart apache2 sudo vi /var/www/.htaccess
Add the following and save
Now navigating to the root of your FOG server will give you permission denied
This is actually a suggestion I had meant to bring up earlier. I briefly tested it but removed the config because I was unsure of compatibility but a redirect in the apache config to /fog might be worth while so a directory doesn’t need to be specified at all. Via either RedirectMatch or RewriteRule. I just don’t know what this will do to systems that have the client with /fog already hardcoded.
@Tywyn Well it’s just one of those many things that need fixing but aren’t too pressing…