익명 사용자
로그인하지 않음
토론
기여
계정 만들기
로그인
IT 위키
검색
Apache FollowSymLinks
편집하기
IT 위키
이름공간
문서
토론
더 보기
더 보기
문서 행위
읽기
편집
원본 편집
역사
경고:
로그인하지 않았습니다. 편집을 하면 IP 주소가 공개되게 됩니다.
로그인
하거나
계정을 생성하면
편집자가 사용자 이름으로 기록되고, 다른 장점도 있습니다.
스팸 방지 검사입니다. 이것을 입력하지
마세요
!
'''FollowSymLinks''' is a directive in the Apache HTTP Server configuration that controls whether symbolic links (symlinks) in the server's document root or other directories can be followed. Symbolic links are files that point to other files or directories. The FollowSymLinks directive is often used to manage access and behavior related to these links in a web server environment. ==Syntax== The directive is used within Apache configuration files (e.g., `httpd.conf` or `.htaccess`) and is applied at the directory level. Example:<syntaxhighlight lang="apache"> Options FollowSymLinks </syntaxhighlight> ==Functionality== *When '''FollowSymLinks''' is enabled, the server follows symbolic links to serve the target file or directory. *When '''FollowSymLinks''' is disabled, the server ignores symbolic links and does not allow access through them. ==Example== Suppose the following configuration exists:<syntaxhighlight lang="apache"> <Directory "/var/www/html"> Options FollowSymLinks AllowOverride None </Directory> </syntaxhighlight>In this case: *Any symbolic link in the `/var/www/html` directory will be followed by the server, and the target content will be served. If `FollowSymLinks` is removed or replaced with `Options -FollowSymLinks`, symbolic links will not be followed, and attempting to access them will result in an error. ==Security Considerations== While enabling '''FollowSymLinks''' can be convenient, it also introduces potential security risks: *'''Unauthorized Access:''' **If symbolic links point to sensitive files or directories outside the web root, they could inadvertently expose sensitive data. *'''Avoiding Abuse:''' **Attackers may create malicious symbolic links to access unauthorized files. ===Mitigation=== To mitigate risks: *Use `Options -FollowSymLinks` in sensitive directories where symbolic links should not be allowed. *Consider using the '''SymLinksIfOwnerMatch''' directive to allow following symbolic links only if the link owner matches the target file's owner. Example:<syntaxhighlight lang="apache"> <Directory "/var/www/html"> Options SymLinksIfOwnerMatch </Directory> </syntaxhighlight> ==Alternatives== If symbolic links must be used but with stricter control: *'''SymLinksIfOwnerMatch:''' **Ensures that symbolic links are only followed if the link and target have the same owner. *'''Alias Directive:''' **Use Apache’s `Alias` directive to map specific paths to desired files or directories instead of relying on symbolic links. ==Common Use Cases== *Hosting environments where symbolic links are used to manage multiple virtual hosts or shared content. *Development environments where symbolic links simplify directory structure and access. ==Troubleshooting== If symbolic links are not working as expected: *Ensure '''FollowSymLinks''' is explicitly enabled in the relevant configuration block. *Check permissions of the symbolic link and the target file/directory. *Verify that symbolic links are supported by the underlying file system. ==See Also== *[[Apache HTTP Server]] *[[SymLinksIfOwnerMatch]] *[[Alias Directive]] *[[Options Directive]] [[분류:Apache]] [[분류:Configuration]] [[분류:Sever Engineering]]
요약:
IT 위키에서의 모든 기여는 크리에이티브 커먼즈 저작자표시-비영리-동일조건변경허락 라이선스로 배포된다는 점을 유의해 주세요(자세한 내용에 대해서는
IT 위키:저작권
문서를 읽어주세요). 만약 여기에 동의하지 않는다면 문서를 저장하지 말아 주세요.
또한, 직접 작성했거나 퍼블릭 도메인과 같은 자유 문서에서 가져왔다는 것을 보증해야 합니다.
저작권이 있는 내용을 허가 없이 저장하지 마세요!
취소
편집 도움말
(새 창에서 열림)
둘러보기
둘러보기
대문
최근 바뀜
광고
위키 도구
위키 도구
특수 문서 목록
문서 도구
문서 도구
사용자 문서 도구
더 보기
여기를 가리키는 문서
가리키는 글의 최근 바뀜
문서 정보
문서 기록