禁用目录列表在IIS中 [英] Disable Directory Listing in IIS
问题描述
在我的Web应用程序的所有.aspx页驻留在网页目录中。项目结构如下图所示:
In my web application all the .aspx pages resides in Pages directory. The project structure is shown below:
该Home.aspx设置为起始页和Pages文件夹的Web.config文件包含:
The Home.aspx is set as Start Page and the Web.config file of the Pages folder contains:
<configuration>
<location path="Secured">
<system.web>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
</location>
</configuration>
和主要的Web.config文件有:
And the main Web.config has:
<authentication mode="Forms">
<forms loginUrl="~/Pages/Login.aspx" timeout="2880" defaultUrl="~/Pages/Secured/Home.aspx" />
</authentication>
所以,当应用程序启动它重定向到登录页面的网址:
So when the application launches it redirects to the Login page with the URL:
的http://localhost:2453/Pages/Login.aspx?ReturnUrl=%2fPages%2fSecured%2fHome.aspx
现在,如果我删除
的Login.aspx?RETURNURL =%2fPages%2fSecured%2fHome.aspx
Login.aspx?ReturnUrl=%2fPages%2fSecured%2fHome.aspx
从URL和preSS进入它带我到目录列表:
from that URL and press enter it is taking me to the Directory Listing:
我要什么,它会再次送我到位于登录页面:
What I want that it will again send me to the Login page located at
的http://本地主机:2453 /页/ 的Login.aspx
http://localhost:2453/Pages/Login.aspx
我怎样才能做到这一点?你的帮助是AP preciated。
How can I achieve this? Your help be appreciated.
感谢。
本地主机:
The localhost:
推荐答案
您需要从IIS或从web.config禁用目录浏览
You need to disable directory browsing from IIS or from the web.config
<configuration>
<location path="Secured">
<system.webServer>
<directoryBrowse enabled="false" />
</system.webServer>
</location>
</configuration>
上面这个条目适用于IIS 7+,对于IIS 6你必须从IIS管理器中做到这一点。
this entry above applies to IIS 7+, for IIS 6 you'll have to do it from IIS Manager
这篇关于禁用目录列表在IIS中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!