How to disable directory browsing at application level
search cancel

How to disable directory browsing at application level


Article ID: 260602


Updated On:


SITEMINDER CA Single Sign On Agents (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder)


How can Access Gateway be used to disable directory browsing (directory indexing)?


Release : ALL


It's best to control directory browsing via the backend host (web server) that is serving the content since web servers have a specific control for this feature.

It is possible to leverage Siteminder policies to accomplish the same, however, this doesn't scale very well since rules/policies would need to be created for all the resources to which users should have access.

Additional Information

Access Gateway should not be used to serve local content with the exception of the Siteminder specific forms/files (such as .fcc files).  This is why directory browsing should be disabled on the back end web server rather than in Access Gateway's Apache.