How to disable the default document root in Apache?

Thanks for the other answers. I solved it by adding a default virtual host without any permissions. The global DocumentRoot and ServerName options must match the ones specified in the virtual host.

/etc/httpd/conf/httpd.conf

...
ServerName <server-ip>:80

DocumentRoot "/var/www/html"

<Directory />
    Order Deny,Allow
    Deny from all
    Options None
    AllowOverride None
</Directory>
...

/etc/httpd/conf.d/default.conf

<VirtualHost *:80>
        ServerName <server-ip>
        DocumentRoot /var/www/html
</VirtualHost>

This way, I get a 403 Forbidden message when the server is accessed by it's ip directly, which is exactly what I wanted. It would be even better if I wouldn't need /var/www/html an existing directory for that, but Apache complains if I specify something like /dev/null instead.


Yes and No.

You can comment out or remove the DocumentRoot directive, no problem. But that doesn't achieve much, because then it will default to the default directory PREFIX/htdocs/ where PREFIX is set when you build apache.

When you have VirtualHosts set up all requests that are not handled by an explicitly configured virtual host get handled by the default virtualhost (which is typically the first one, but httpd -S will tell you).