Update of /cvsroot/mhonarc/mharc/etc
In directory subversions:/tmp/cvs-serv21886/etc
Modified Files:
apache.conf.in.dist
Log Message:
* etc/apache.conf.in.dist:
. Updated to add <File> directives to deny access to various files
that you may not want visible to the public.
* Added .htaccess.in.dist to root directory. Contains the same
<File> directives added to etc/apache.conf.in.dist.
This file is useful if you do not have write access to Apache's
main configuration file.
Index: apache.conf.in.dist
===================================================================
RCS file: /cvsroot/mhonarc/mharc/etc/apache.conf.in.dist,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** apache.conf.in.dist 6 Mar 2002 19:52:15 -0000 1.2
--- apache.conf.in.dist 7 Jul 2002 04:32:15 -0000 1.3
***************
*** 1,5 ****
############################################################################
## $Id$
- ## Copyright (C) Earl Hood, earl(_at_)earlhood(_dot_)com
## Description:
## The following are template/example Apache configuration
--- 1,4 ----
***************
*** 8,14 ****
<Directory @@SW_ROOT@@>
AllowOverride All
! Options ExecCGI MultiViews Indexes FollowSymLinks Includes
IndexOptions FancyIndexing NameWidth=* SuppressSize SuppressLastModified
IndexIgnore NMZ.*
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
--- 7,31 ----
<Directory @@SW_ROOT@@>
AllowOverride All
! Options +ExecCGI MultiViews Indexes FollowSymLinks Includes
IndexOptions FancyIndexing NameWidth=* SuppressSize SuppressLastModified
+
+ # Make sure namazu index files are not visible in directory listings
IndexIgnore NMZ.*
+
+ # Deny access to files that we probably do not want the public to
+ # see. The main one is .mhonarc.db files, especially if we have
+ # mail address obfsucation in the HTML archives.
+ <Files ~ "^(NMZ|\.proc|msgid.cache|.mhonarc.db|config\.sh|lists\.def)">
+ Order allow,deny
+ Deny from all
+ </Files>
+
+ # Deny access to log files
+ <Files ~ "\.log$">
+ Order allow,deny
+ Deny from all
+ </Files>
+
+ # Limit the types of HTTP methods allowed
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
***************
*** 20,23 ****
--- 37,41 ----
</Limit>
</Directory>
+
<Directory @@MBOX_DIR@@/*/>
AllowOverride All
---------------------------------------------------------------------
To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the
message text UNSUBSCRIBE MHONARC-DEV