在 IIS 中禁用目录列表 [英] Disable Directory Listing in IIS
问题描述
在我的 Web 应用程序中,所有 .aspx 页面都位于 Pages 目录中.项目结构如下图所示:
Home.aspx 设置为起始页,Pages 文件夹的 Web.config 文件包含:
<预><代码><配置><位置路径=安全"><system.web><授权><deny users="?"/><allow users="*"/></授权></system.web></位置></配置>主要的 Web.config 有:
我怎样才能做到这一点?感谢您的帮助.
谢谢.
本地主机:
解决方案 您需要禁用 IIS 或 web.config 中的目录浏览
<位置路径=安全"><system.webServer><directoryBrowse enabled="false"/></system.webServer></位置></配置>
以上条目适用于 IIS 7+,对于 IIS 6,您必须从 IIS 管理器执行此操作
In my web application all the .aspx pages resides in Pages directory. The project structure is shown below:
The Home.aspx is set as Start Page and the Web.config file of the Pages folder contains:
<configuration>
<location path="Secured">
<system.web>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
</location>
</configuration>
And the main Web.config has:
<authentication mode="Forms">
<forms loginUrl="~/Pages/Login.aspx" timeout="2880" defaultUrl="~/Pages/Secured/Home.aspx" />
</authentication>
So when the application launches it redirects to the Login page with the URL:
http://localhost:2453/Pages/Login.aspx?ReturnUrl=%2fPages%2fSecured%2fHome.aspx
Now if I delete the
Login.aspx?ReturnUrl=%2fPages%2fSecured%2fHome.aspx
from that URL and press enter it is taking me to the Directory Listing:
What I want that it will again send me to the Login page located at
How can I achieve this? Your help be appreciated.
Thanks.
The localhost:
解决方案 You need to disable directory browsing from IIS or from the web.config
<configuration>
<location path="Secured">
<system.webServer>
<directoryBrowse enabled="false" />
</system.webServer>
</location>
</configuration>
this entry above applies to IIS 7+, for IIS 6 you'll have to do it from IIS Manager
这篇关于在 IIS 中禁用目录列表的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!