Hi, am very new to apache server and am trudging through all the
documentation to learn more but would appreciate it if someone could
advise me quickly.

I've set up apache 2.0.58 with php 5.5 on a win XP machine for
developmental purposes and have come to realise that people on other
computers can access the serverRoot by typing in http://{my ip
address}. This raises some concerns because I don't have a clue what
else people can see. After some testing I found out that the outside
world can browse all directories in my Server root and see all files,
which isn't too much of a problem, but what about other directories?
Could anyone have access to my myDocuments folder for example?
In general, can someone tell me how I can block all computers form
seeing anything on my computer whilst still being about to work
through my browser on my machine by typing http://localhost

Any help is greatly appreciated,

Ste

[ Post a follow-up to this message ]

> I've set up apache 2.0.58 with php 5.5 on a win XP machine for
> developmental purposes and have come to realise that people on other
> computers can access the serverRoot by typing in http://{my ip
> address}.
<snip>
> In general, can someone tell me how I can block all computers form
> seeing anything on my computer whilst still being about to work
> through my browser on my machine by typing http://localhost

Last things first. Open the configuration file (httpd.conf) and locate the
"Listen" directive. It will have your IP assigned:

Listen xxx.xxx.xxx.xxx:80

Just change that to "Listen 127.0.0.1:80" and make sure no other occurrences
 of
Listen are active. (You can listen to more than one IP)

> This raises some concerns because I don't have a clue what
> else people can see. After some testing I found out that the outside
> world can browse all directories in my Server root and see all files,
> which isn't too much of a problem, but what about other directories?
> Could anyone have access to my myDocuments folder for example?

Clients can only access files and directories under the DocumentRoot. You ca
n
also block browsing of those directories by removing the Index option for so
me
or all of the directories.
--
Crash

[ Post a follow-up to this message ]

Brilliant. Thank you very much, I'll try that now 

Ste

On 27 Jul, 11:21, "\"Crash\" Dummy" <dva...@deathstar.mil> wrote: 
> <snip> 
>
> Last things first. Open the configuration file (httpd.conf) and locate the
> "Listen" directive. It will have your IP assigned:
>
> Listen xxx.xxx.xxx.xxx:80
>
> Just change that to "Listen 127.0.0.1:80" and make sure no other occurrenc
es of
> Listen are active. (You can listen to more than one IP)
> 
>
> Clients can only access files and directories under the DocumentRoot. You 
can
> also block browsing of those directories by removing the Index option for 
some
> or all of the directories.
> --
> Crash

[ Post a follow-up to this message ]