How to enable a directory listing in Apache web server

Question

I am not able to enable directory listing in my Apache web server. I have tried various solutions posted, but it is not working. I just freshly installed httpd 2.4.6 and enabled HTTPS using ssl.conf under the /etc/httpd/conf.d/ssl.conf directory and trying to access https://server.example.com/, but this is not listing the directory. These are the configuration in file ssl.conf:

DocumentRoot "/home/userx/Downloads/"
ServerName server.example.com:443

Below is what it has in ssl.conf under the VirtualHost element. Files and the first Directory elements were already there when I installed, and I just added Directory for "/home/userx/Downloads". I want to browse the contents of /home/userx/Downloads when I access the URL https://server.example.com/. What am I missing here?

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
<Directory "/home/userx/Downloads">
  Options +Indexes
  AllowOverride all
</Directory>

score 29 · Answer 1 · edited Mar 19 '21 at 12:44

See if you are able to access/list the '/icons/' directory. This is useful to test the behavior of "Directory" in Apache.

For example: You might be having the below configuration by default in your httpd.conf file. So hit the URL IP:Port/icons/ and see if it lists the icons or not. You can also try by putting the 'directory/folder' inside the 'var/www/icons'.

Alias /icons/ "/var/www/icons/"

<Directory "/var/www/icons">
    Options Indexes MultiViews
    AllowOverride None
    Require all granted
</Directory>

If it does work, then you can cross-check or modify your custom directory configuration with the '<Directory "/var/www/icons">' configuration.

If you get an `AuthType` error then remove the line `Require all granted` (https://stackoverflow.com/questions/21265191/apache-authtype-not-set-500-error) — m13r, Feb 01 '18 at 15:25

score 14 · Answer 2 · edited Mar 19 '21 at 12:45

14

According to the Apache documentation, found here, the DirectoryIndex directive needs to be specified in the site .conf file (typically found in /etc/apache2/sites-available on Linux).

Quoting from the documentation, it reads:

If no file from the DirectoryIndex directive can be located in the directory, then mod_autoindex can generate a listing of the directory contents. This is turned on and off using the Options directive. For example, to turn on directory listings for a particular directory, you can use:
<Directory /usr/local/apache2/htdocs/listme>
  Options +Indexes
</Directory>
To prevent directory listings (for security purposes, for example), you should remove the Indexes keyword from every Options directive in your configuration file. Or to prevent them only for a single directory, you can use:
<Directory /usr/local/apache2/htdocs/dontlistme>
  Options -Indexes
</Directory>

edited Mar 19 '21 at 12:45

Peter Mortensen

30,738
21
105
131

answered Nov 14 '17 at 03:45

MikeyE

1,756
1
18
37

very useful answer.. finally it is working! – supersan Jul 15 '21 at 13:47
Your citation doesn't even say it has to be specified, let alone in the `.conf` file. It can also be specified in local `.htaccess` files, and it can be completely omitted. – user207421 Jun 10 '22 at 04:04
yes, that was helpful for me. Placing `Options +Indexes` in .htaccess file will enable file and directory listing on per folder basis. Do not use tag within .htaccess file – lww Feb 26 '23 at 19:24

Eddimull · Answer 3 · 2016-08-31T01:48:31.227

8

Try this.

<Directory "/home/userx/Downloads">
  Options +Indexes
  AllowOverride all
  Order allow,deny 
  Allow from all 
  Require all granted
</Directory>

If that doesn't work, you probably have 'deny indexes' somewhere that's overriding your config.

edited Aug 31 '16 at 01:48

answered Aug 31 '16 at 01:39

Eddimull

342
1
8

Still does not work after changing to your suggestion and restarting the server. Logs show this: [Tue Aug 30 18:40:46.492983 2016] [authz_core:debug] [pid 20665] mod_authz_core.c(809): [client 171.71.229.25:59061] AH01626: authorization result of Require all denied: denied [Tue Aug 30 18:40:46.493000 2016] [authz_core:debug] [pid 20665] mod_authz_core.c(809): [client 171.71.229.25:59061] AH01626: authorization result of : denied – Satish Burnwal Aug 31 '16 at 01:42
Ah, okay. I forget that Apache 2.4 needs a require all granted. I'll update the answer. – Eddimull Aug 31 '16 at 01:47
Event that does not help. May be I am having some basic issue, because with DocumentRoot "/home/userx/Downloads/", I created a test dir within that and one index.html file in that test dir but accessing https://server.example.com/test/index.html is also not allowed. [pid 21402] mod_authz_core.c(809): [client 171.71.229.25:59498] AH01626: authorization result of : granted [Tue Aug 30 18:55:38.108746 2016] [core:error] [pid 21402] (13)Permission denied: [client 171.71.229.25:59498] AH00132: file permissions deny server access: /home/sburnwal/Downloads/test/index.html – Satish Burnwal Aug 31 '16 at 01:56
For testing, chmod the index.html to 775. Is it allowed after that? – Eddimull Aug 31 '16 at 01:59
I had done chmod 755 to index.html but no luck yet. I had also ensured chmod 755 unto / dir – Satish Burnwal Aug 31 '16 at 02:05
Is there any log that would say what deny rules the server executed ? or anyway to enabled such logs ? I want to know how it is deciding deny access. – Satish Burnwal Aug 31 '16 at 02:11
and chmod -R 775 to the directory you created? – Eddimull Aug 31 '16 at 02:12
I don't know of a device to analyze the allow/deny rules :/ – Eddimull Aug 31 '16 at 02:15

score 6 · Answer 4 · edited Feb 01 '18 at 18:33

6

I solved the problem by enabling the mod_autoindex from Apache. It was disabled by default.

sudo a2enmod autoindex

edited Feb 01 '18 at 18:33

m13r

2,458
2
29
39

answered Apr 12 '17 at 18:21

Despirithium

309
5
13

How did you enable it ? – Ankur Agarwal Jul 26 '17 at 21:44
`sudo a2enmod autoindex` – OKE Sep 27 '17 at 08:21
a2enmod : command not found – Kokodoko Jul 05 '18 at 17:15
@Kokodoko, that's because a2enmod is a debian thing. – Sliced Bread Nov 17 '18 at 02:49

score 3 · Answer 5 · edited Mar 19 '21 at 12:56

3

This one solved my issue which is an SELinux setting:

chcon -R -t httpd_sys_content_t /home/*

edited Mar 19 '21 at 12:56

Peter Mortensen

30,738
21
105
131

answered Aug 31 '16 at 02:16

Satish Burnwal

487
1
4
11

This was exactly my problem. For others, change the /home/* to your content path (in my case /var/repo/). Since you're using -R the * probably isn't necessary. – Patrick Taylor Feb 01 '20 at 20:33

harperville · Answer 6 · 2019-10-14T23:30:03.197

3

Once I changed Options -Index to Options +Index in my conf file, I removed the welcome page and restarted services.

$ sudo rm -f /etc/httpd/conf.d/welcome.conf
$ sudo service httpd restart

I was able to see directory listings after that.

edited Oct 14 '19 at 23:30

answered Oct 24 '18 at 17:36

harperville

6,921
8
28
36

score 1 · Answer 7 · edited Mar 19 '21 at 12:49

1

I had to disable the SELinux module to make this work. Note: The system needs to be rebooted for SELinux to take effect.

edited Mar 19 '21 at 12:49

Peter Mortensen

30,738
21
105
131

answered Oct 25 '18 at 18:06

rahul verma

11
1

score 0 · Answer 8 · answered Jun 20 '18 at 06:35

0

One way is by creating a soft link to whichever directory you want to list in the /var/www/html/ directory.

sudo ln -s /home/ /var/www/html/

Keep in mind the security.

answered Jun 20 '18 at 06:35

vineet

850
7
9

How to enable a directory listing in Apache web server

8 Answers8

Linked