[Koha-patches] [PATCH] Bug 9812 - Forbid access to several files through the browser
Tomas Cohen Arazi
tomascohen at gmail.com
Wed Mar 13 18:36:46 CET 2013
This patch hides (-Indexes) and forbids (Deny from all) access to some stuff through a browser.
Specifically the "xslt", "modules" and "includes" dirs and their contents.
This is just a quick fix we talked about at IRC. The proper solution would be to remove this from htdocs which will still be needed.
---
etc/koha-httpd.conf | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/etc/koha-httpd.conf b/etc/koha-httpd.conf
index dc82d08..f591e0a 100644
--- a/etc/koha-httpd.conf
+++ b/etc/koha-httpd.conf
@@ -20,6 +20,15 @@
SetEnv MEMCACHED_SERVERS "__MEMCACHED_SERVERS__"
SetEnv MEMCACHED_NAMESPACE "__MEMCACHED_NAMESPACE__"
+ <Directory "__OPAC_WWW_DIR__">
+ Options -Indexes
+ </Directory>
+ # Secure internal stuff
+ <DirectoryMatch "__OPAC_WWW_DIR__/.*/(modules|xslt|includes)">
+ Order deny,allow
+ Deny from all
+ </DirectoryMatch>
+
<IfModule mod_gzip.c>
mod_gzip_on yes
mod_gzip_dechunk yes
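Review bot: The DirectoryMatch pattern "__OPAC_WWW_DIR__/.*/(modules|xslt|includes)" is not anchored at its end and requires an intermediate path segment. It therefore also matches any directory whose name only starts with one of those words (for example "includes-public"), and it does not match a modules, xslt or includes directory sitting directly under the OPAC root. Something like "^__OPAC_WWW_DIR__/(.*/)?(modules|xslt|includes)(/|$)" would pin it to exactly those directory names and their contents. Note too that the substituted path is read as part of a regular expression, so a "." in the install path matches any character.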
@@ -119,6 +128,16 @@
ErrorDocument 404 /cgi-bin/koha/errors/404.pl
ErrorDocument 500 /cgi-bin/koha/errors/500.pl
+ <Directory "__INTRANET_WWW_DIR__">
+ Options -Indexes
+ </Directory>
+
+ # Secure internal stuff
+ <DirectoryMatch "__INTRANET_WWW_DIR__/.*/(modules|xslt|includes)">
+ Order deny,allow
+ Deny from all
+ </DirectoryMatch>
+
<IfModule mod_gzip.c>
mod_gzip_on yes
mod_gzip_dechunk yes
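Review bot: "Order deny,allow" and "Deny from all" in the intranet DirectoryMatch are the Apache 2.2 access-control directives; on Apache 2.4 they are only available when mod_access_compat is loaded, and the native form is "Require all denied". Consider wrapping the two forms in <IfVersion> blocks, or documenting the module dependency, so the deny works on both versions; the same applies to the OPAC block in the first hunk. The comment "# Secure internal stuff" could also say why these three directories are blocked (templates and XSLT that are read from disk by the application, not meant to be fetched), since the commit message describes this as a stopgap.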
--
1.7.10.4