Linux Blog

Apache “Directory index forbidden by Options directive:”

Filed under: Quick Linux Tutorials — TheLinuxBlog.com at 9:29 pm on Friday, June 27, 2008

This is a common problem with the Apache web server. It is considered a security risk to show the directory contents by default. Especially those in the root directory. The way to fix this is pretty simple, you first need to make sure that there are no -Index directives in any of the configuration files. In your httpd configuration directory grep with a line number for Options like so:

grep -n Options *

If you don’t see any -Indexes then its possible there are included files. Check these directories if you know them, if you don’t grep your configuration file for the Includes:

grep -n Include *

If you’re still getting the test page or a permission denied error after removing the directive that disables Indexes then it may be a permissions issue. Apache needs +x access for all users to enable directory listings. Change the permissions and it should work.

On Fedora there is a file called welcome.conf in the conf.d directory. This can be removed and if you have Options All set, then you should be good to go. On other distributions like Slackware it is easier to accomplish. I wouldn’t recommend allowing any sort of directory listing in a production environment but in my development case, where I only allow access to my test server on a per host basis this is not a big problem.

Also, remember to restart the server after making changes.

Hope this helps, if it doesn’t be sure to drop a comment!