Apache和Tomcat限制文件访问或下载
Apache,在http.conf中的<Directory >里面加入
<FilesMatch "pattern"> Order Deny,Allow Deny from all</FilesMatch>
?
Tomcat,在web.xml里加入
<security-constraint><display-name>HelloApp Configuration Security Constraint</display-name><web-resource-collection><web-resource-name>Protected Area</web-resource-name><!-- Define the context-relative URL(s) to be protected --><url-pattern>/pattern</url-pattern> <!--可在这里设置要被限制的文件夹--></web-resource-collection><auth-constraint><!-- Anyone with one of the listed roles may access this area --></auth-constraint></security-constraint>?