Show
Ignore:
Timestamp:
23.11.2012 16:38:44 (8 years ago)
Author:
ak19
Message:

First step to improving the security issues in GS2 and GS3: now GS2's httpd.conf is set up to deny access to .gdb files, since users.gdb is to be made inaccessible. Tested that connecting to a remote (Win) GS3 server under a new user account still works (from a Linux GLI client).

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone2/runtime-src/packages/apache-httpd/httpd.conf.in

    r24901 r26512  
    444444     Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost 
    445445  </Directory> 
     446 
     447# Deny access to users.gdb (and other gdb files) 
     448# Tested with remote GS2 server on Windows against linux client 
     449# If any issues, can try appending the line:  
     450#   Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost 
     451  <FilesMatch "\.gdb"> 
     452     Order deny,allow 
     453     Deny from all 
     454  </FilesMatch>