在 IIS 中禁用目录列表 [英] Disable Directory Listing in IIS

问题描述

在我的 Web 应用程序中，所有 .aspx 页面都位于 Pages 目录中.项目结构如下图所示:

Home.aspx 设置为起始页，Pages 文件夹的 Web.config 文件包含:

<预><代码><配置><位置路径=安全"><system.web><授权><deny users="?"/><allow users="*"/></授权></system.web></位置></配置>

主要的 Web.config 有:

我怎样才能做到这一点?感谢您的帮助.
谢谢.
本地主机:
解决方案
您需要禁用 IIS 或 web.config 中的目录浏览
<位置路径=安全"><system.webServer><directoryBrowse enabled="false"/></system.webServer></位置></配置>
以上条目适用于 IIS 7+，对于 IIS 6，您必须从 IIS 管理器执行此操作
In my web application all the .aspx pages resides in Pages directory. The project structure is shown below:



The Home.aspx is set as Start Page and the Web.config file of the Pages folder contains:
<configuration>
<location path="Secured">
    <system.web>
    <authorization>     
        <deny users="?"/>
        <allow users="*"/>
    </authorization>
    </system.web>
</location>
</configuration>
And the main Web.config has:
<authentication mode="Forms">
  <forms loginUrl="~/Pages/Login.aspx" timeout="2880" defaultUrl="~/Pages/Secured/Home.aspx" />
</authentication>
So when the application launches it redirects to the Login page with the URL:

  
http://localhost:2453/Pages/Login.aspx?ReturnUrl=%2fPages%2fSecured%2fHome.aspx
Now if I delete the 

  
Login.aspx?ReturnUrl=%2fPages%2fSecured%2fHome.aspx
from that URL and press enter it is taking me to the Directory Listing:



What I want that it will again send me to the Login page located at 

  
http://localhost:2453/Pages/Login.aspx
How can I achieve this? Your help be appreciated.

Thanks.

The localhost:
解决方案
You need to disable directory browsing from IIS or from the web.config
<configuration>
  <location path="Secured">
    <system.webServer>
      <directoryBrowse enabled="false" />
    </system.webServer>
  </location>
</configuration>
this entry above applies to IIS 7+, for IIS 6 you'll have to do it from IIS Manager

                        
这篇关于在 IIS 中禁用目录列表的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！