Changeset 26512 for main/trunk/greenstone2/runtime-src/packages/apache-httpd/windows-httpd.conf.in

Timestamp:

2012-11-23T16:38:44+13:00 (11 years ago)

Author:

ak19

Message:

First step to improving the security issues in GS2 and GS3: now GS2's httpd.conf is set up to deny access to .gdb files, since users.gdb is to be made inaccessible. Tested that connecting to a remote (Win) GS3 server under a new user account still works (from a Linux GLI client).

File:

• main/trunk/greenstone2/runtime-src/packages/apache-httpd/windows-httpd.conf.in (modified) (1 diff)

main/trunk/greenstone2/runtime-src/packages/apache-httpd/windows-httpd.conf.in

@@ -522 +522 @@
      Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost
   </Directory>
+
+# Deny access to users.gdb (and other gdb files)
+# Tested with remote GS2 server on Windows against linux client
+# If any issues, can try appending the line: 
+#   Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost
+  <FilesMatch "\.gdb">
+     Order deny,allow
+     Deny from all
+  </FilesMatch>