You are here: Foswiki>Tasks Web>Item14047 (31 Jan 2018, GeorgeClark)Edit Attach

Item14047: sample .htaccess files are too complex

pencil
Priority: Normal
Current State: Closed
Released In: 2.1.1
Target Release: patch
Applies To: Engine
Component: Documentation
Branches: Release02x01 master Item14033 Item13897 Item14380 Item14537
Reported By: GeorgeClark
Waiting For:
Last Change By: GeorgeClark
The example bin-htaccess.txt is especially complex, with examples for LDAP, and Apache auth.

This task is to split this sample into bin-htaccess-basic.txt and bin-htaccess-advanced.txt. For Apache 2.2, or 2.4 with mod_access_compat enabled, we should be able to have a file that works without any tailoring.

  • The FollowSymLinks option could be enabled by default. It's low risk to enable, as there is no known path for a user to use Foswiki to create a symlink. and will make foswiki more likely to work "out of the box"
  • We also should block access to the LocalLib files. They can't actually be accessed, but no sense leaving them reachable.
  • Also add in commented Apache 2.4 style auth statements, in the event that mod_access_compat is not enabled

-- GeorgeClark - 11 Apr 2016

 
Topic revision: r7 - 31 Jan 2018, GeorgeClark
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy