[cvs] [Wiki] changed: SecurityTips
Wiki Guest
wiki at wiki.horde.org
Tue Jan 4 19:18:41 PST 2005
guest [62.134.92.65] Tue, 4 Jan 2005 19:18:41 -0800
Modified page: http://wiki.horde.org/display.php?page=SecurityTips
New Revision: 1.7
@@ -3,5 +3,7 @@
The content of this page is mainly derived from the security-section in the Horde documentation. It is aimed at system administrators who want to add some extra security to their Horde installations (or for those who are a bit paranoid ;) )
+
+Important note: Some of these things are not working very well together with Horde 3.0. I'll redo this stuff as soon as possible. Promisse ;)
+++ Introduction
The configuration examples here have been tested by me on a Fedora Core 1 system running Apache 2.0.51 with mod_ssl and Horde 2.2.7.
My Apache is serving most files out of {{/var/www/html}}. Thus my Horde installation lives in {{/var/www/html/horde}}. Please keep this in mind if you are applying any of these configurations on your system.
@@ -48,14 +50,14 @@
php_admin_flag log_errors on
php_admin_flag register_globals off
</Directory>
-<DirectoryMatch "^\/var\/www\/html\/horde\/(.*\/)?(config|lib|locale|po|scripts|templates)(\/.*)?">
+<DirectoryMatch "^/var/www/html/horde/(.*/)?(config|lib|locale|po|scripts|templates)(/.*)?">
order deny,allow
deny from all
</DirectoryMatch>
-<LocationMatch "^\/horde\/(.*\/)?test\.php">
+<LocationMatch "^/horde/(.*/)?test.php">
order deny,allow
deny from all
allow from localhost
</LocationMatch>
More information about the cvs
mailing list