Changeset 26541 for main


Ignore:
Timestamp:
2012-11-29T14:11:56+13:00 (11 years ago)
Author:
ak19
Message:

Kathy said that the apache server really only needs to give access to the collect and web folders (and cgi-bin for remote scripts), and that the rest of GS2 can just be inaccessible. This will deny access to the user databases too and the apache logs. Still need to test as a remote GS against a client-GLI, then will commit the windows version.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/trunk/greenstone2/runtime-src/packages/apache-httpd/httpd.conf.in

    r26512 r26541  
    436436  </Directory> 
    437437 
    438   Alias /greenstone "**GSDLHOME**"
    439   <Directory "**GSDLHOME**">
    440      Options Indexes MultiViews FollowSymLinks
    441      AllowOverride None
    442      Order deny,allow
    443      **CONNECTPERMISSION** from all
    444      Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost
     438  # Deny access to all except collect and web folder
     439  <Directory />
     440    Order Deny,Allow
     441    Deny from all
    445442  </Directory>
    446443
    447 # Deny access to users.gdb (and other gdb files)
    448 # Tested with remote GS2 server on Windows against linux client
    449 # If any issues, can try appending the line:
    450 #   Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost
    451   <FilesMatch "\.gdb">
    452      Order deny,allow
    453      Deny from all
    454   </FilesMatch>
     444  Alias /greenstone/web "**GSDLHOME**/web"
     445  <Directory "**GSDLHOME**/web">
     446    Order Deny,Allow
     447    **CONNECTPERMISSION** from all
     448    Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost
     449  </Directory>
Note: See TracChangeset for help on using the changeset viewer.