steffen: server/kolabd/kolabd/templates httpd.conf.template.in, 1.4, 1.5

cvs at kolab.org cvs at kolab.org
Tue Nov 21 23:08:01 CET 2006


Author: steffen

Update of /kolabrepository/server/kolabd/kolabd/templates
In directory doto:/tmp/cvs-serv19897

Modified Files:
	httpd.conf.template.in 
Log Message:
Protection of rogue scripts in fbview (issue1507)

Index: httpd.conf.template.in
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/templates/httpd.conf.template.in,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- httpd.conf.template.in	4 Apr 2006 18:54:13 -0000	1.4
+++ httpd.conf.template.in	21 Nov 2006 22:07:59 -0000	1.5
@@ -137,8 +137,17 @@
 <Location />
   ErrorDocument 403 https://@@@fqdnhostname@@@/admin/
 </Location>
-<Location /fbview>
-  ErrorDocument 403 https://@@@fqdnhostname@@@/fbview/
+<Location /fbview/*.php>
+    Deny from all
+    ErrorDocument 403 https://@@@fqdnhostname@@@/fbview/
+</Location>
+<Location /fbview/index.php>
+    Order allow,deny
+    Allow from all
+</Location>
+<Location /fbview/login.php>
+    Order allow,deny
+	Allow from all
 </Location>
 
 <Files ~ "^\.ht">





More information about the commits mailing list