Default security model
open etc/apache2/apache2.conf
find security model for the directory in question (e.g. <Directory /var/www/>)
- delete Indexes from line 'Options' - to disable file listing in a directory
- set AllowOverride None/All - to disable/enable .htaccess files to override default security model
- set Require ip/host [IP/host] - to enable http access for certain visitors
set Require all denied/granted - to disable/enable http access to that directory
set Require not [IP|host] - to disable http access for certain visitors
restart:
service apache2 restart