diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2015-10-23 16:22:45 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2015-10-23 16:22:45 -0700 |
| commit | b74b684d4af6c4bbdfcafb2d99e737550962c9bc (patch) | |
| tree | 1abecdbdc3823137d88a0b28b55cf7191be7e682 | |
| parent | 2bc72d758fc28a4a8beb24d7a93d5502d0355ca6 (diff) | |
deny remote access to elements/*html, RT#23357
| -rw-r--r-- | htetc/freeside-base2.conf | 45 |
1 files changed, 28 insertions, 17 deletions
diff --git a/htetc/freeside-base2.conf b/htetc/freeside-base2.conf index 49b4a243d..3eef50cad 100644 --- a/htetc/freeside-base2.conf +++ b/htetc/freeside-base2.conf @@ -15,27 +15,38 @@ PerlRequire "%%%MASON_HANDLER%%%" AddDefaultCharset UTF-8 <Directory %%%FREESIDE_DOCUMENT_ROOT%%%> -AuthName Freeside -AuthType Basic -AuthUserFile %%%FREESIDE_CONF%%%/htpasswd -require valid-user -<Files ~ "(\.cgi|\.html)$"> -SetHandler perl-script -PerlHandler HTML::Mason -</Files> + + AuthName Freeside + AuthType Basic + AuthUserFile %%%FREESIDE_CONF%%%/htpasswd + require valid-user + + <Files ~ "(\.cgi|\.html)$"> + SetHandler perl-script + PerlHandler HTML::Mason + </Files> + </Directory> + +<Directory %%%FREESIDE_DOCUMENT_ROOT%%%/elements/> + <Files ~ "(\.html)$"> + Deny from all + SetHandler None + </Files> +</Directory> + <Directory %%%FREESIDE_DOCUMENT_ROOT%%%/rt/Helpers/> -SetHandler perl-script -PerlHandler HTML::Mason + SetHandler perl-script + PerlHandler HTML::Mason </Directory> <Directory %%%FREESIDE_DOCUMENT_ROOT%%%/loginout> -AuthName Freeside -AuthType Basic -AuthUserFile %%%FREESIDE_CONF%%%/htpasswd.logout -require valid-user -<Files ~ "(\.cgi|\.html)$"> -SetHandler default-handler -</Files> + AuthName Freeside + AuthType Basic + AuthUserFile %%%FREESIDE_CONF%%%/htpasswd.logout + require valid-user + <Files ~ "(\.cgi|\.html)$"> + SetHandler default-handler + </Files> </Directory> |