Show
Ignore:
Timestamp:
29.11.2012 18:08:58 (7 years ago)
Author:
ak19
Message:

Forgot to commit the windows equivalent for the changes to the linux httpd.conf.in. Commit message for that: Kathy said that the apache server really only needs to give access to the collect and web folders (and cgi-bin for remote scripts), and that the rest of GS2 can just be inaccessible. This will deny access to the user databases too and the apache logs. Have now tested on a Windows GS2 server against Linux client-gli, so changes to windows' httpd.conf.in does not prevent access to usersDB.

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone2/runtime-src/packages/apache-httpd/windows-httpd.conf.in

    r26512 r26543  
    514514  </Directory> 
    515515 
    516   Alias /greenstone "**GSDLHOME**" 
    517   <Directory "**GSDLHOME**"> 
    518      Options Indexes MultiViews FollowSymLinks 
    519      AllowOverride None 
    520      Order deny,allow 
    521      **CONNECTPERMISSION** from all 
    522      Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost 
     516  # Deny access to all except collect and web folder 
     517  <Directory /> 
     518    Order Deny,Allow 
     519    Deny from all 
    523520  </Directory> 
    524521 
    525 # Deny access to users.gdb (and other gdb files) 
    526 # Tested with remote GS2 server on Windows against linux client 
    527 # If any issues, can try appending the line:  
    528 #   Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost 
    529   <FilesMatch "\.gdb"> 
    530      Order deny,allow 
    531      Deny from all 
    532   </FilesMatch> 
     522  Alias /greenstone/web "**GSDLHOME**/web" 
     523  <Directory "**GSDLHOME**/web"> 
     524    Order Deny,Allow 
     525    **CONNECTPERMISSION** from all 
     526    Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost 
     527  </Directory>