CodeIgniter：从所有文件夹中删除index.html是否安全？ [英] CodeIgniter: Is it safe to delete index.html from all folders?

问题描述

我是CodeIgniter的新手。我注意到所有CodeIgniter文件夹（缓存，配置，控制器，核心，错误等）都包含一个index.html文件，该文件基本上说禁止目录访问。如果我错了，请指正我，但我认为不可能基于CodeIgniter的默认配置从网络上访问这些文件夹中的任何一个。

I'm new to CodeIgniter. I notice that all CodeIgniter folders (cache, config, controllers, core, errors, etc...) contains an index.html file that basically says "Directory access is forbidden". Correct me if I'm wrong, but I don't think it is possible to get to any of these folders from the web based on CodeIgniter's default configuration.

什么是这些index.html文件的目的是什么？我可以删除它们，还是让他们一个人呆着？

What is the purpose of these index.html files? Can I just delete them, or do I leave them alone?

非常感谢。

推荐答案

它们的目的是防止在服务器上启用目录列表后显示目录的内容。默认情况下，Apache服务器已启用目录列表。

The purpose of them is to prevent the contents of the directory from displaying if directory listing is enabled on your server. Apache servers by default have directory listing enabled.

在某些情况下，如果有适当的情况，您可能可以尝试直接浏览到文件夹。这些主要是由于未正确配置的服务器或漏洞利用所致。因此，最好只留下index.html文件（它们不会造成任何伤害，并且它们不会占用太多空间）。

There are several instances where given the right circumstances you might be able to attempt to browse to a folder directly. These would mainly be caused by a server which is not configured properly, or an exploit. Therefore it is really best if you just leave the index.html files alone (they aren't hurting anything, and they don't take up that much space).

我什至建议您也将index.html文件添加到您创建的任何和所有文件夹中。

I'd even go as far as to suggest that you too add an index.html file to any and all folders which you create.

这篇关于CodeIgniter：从所有文件夹中删除index.html是否安全？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！