13,420
edits
Changes
→Controlling Access to Pages
=== Controlling Access to Pages ===
For security, it is important to allow access to general areas of your webpage, but also limit access to other sub-directories that contain other webpages or documents. Penetration Tester or hackers may be able to navigate your file systems within your html directory to obtain unauthorised information.
There are many common-sense safeguards, such as creating an index.html file in your default directory that will display a webpage instead of the directory index. On the other hand, there are also safeguards that you can setup to provide additional protection to your data on your web server.
*Now, as root on your gateway/host, try to forward incoming http connections that arrive on your host to the web server on vm1. Use an iptables command something like this:
