Apache和Tomcat限制文件访问或下载

Apache,在http.conf中的<Directory >里面加入

<FilesMatch "pattern">
   Order Deny,Allow
   Deny from all
</FilesMatch>

 

Tomcat,在web.xml里加入

<security-constraint>
<display-name>HelloApp Configuration Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/pattern</url-pattern> <!--可在这里设置要被限制的文件夹-->
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
</auth-constraint>
</security-constraint>
 

你可能感兴趣的:(apache)