Possible to secure /var/www/* ipxe boot contents?
I have a couple of ipxe items and their contents reside in /var/www. I noticed that I can browse to those web shares without authentication. I know FOG needs them shared, but I thought the FOG ipxe kernel is already authenticated. Is there a way to block web browsing to these specific shares and only allow access via FOG pxe?
apache stop file browsing
Yes I will place this here to save a search for anyone who stumbles upon this post.
eside in /var/www. I noticed that I can browse to those web shares without authentication.
I can say in general there is a way to tell apache to now allow browsing of files in a certain directory path. To be able to access the files, you must know the complete path and file name (your fog menus or what ever you have referencing these files would know the complete path).
So I would suggest that you google “apache stop file browsing” to see the correct apache directive for the path where your files are stored. I would recommend though that you place all of your files in its own unique root path like
/var/www/html/mystuffand not use a subdirectory of
/var/www/html/fogor store files in the apache docroot
/var/www/htmlThat way your directive can be isolated to the files you want to protect.