You are here: Foswiki>Tasks Web>Item14047 (11 Aug 2016, GeorgeClark)Edit Attach

Item14047: sample .htaccess files are too complex

pencil
Priority: Normal
Current State: Closed
Released In: 2.1.1
Target Release: patch
Applies To: Engine
Component: Documentation
Branches: Release02x01 master Item14033 Item13897
Reported By: GeorgeClark
Waiting For:
Last Change By: GeorgeClark
The example bin-htaccess.txt is especially complex, with examples for LDAP, and Apache auth.

This task is to split this sample into bin-htaccess-basic.txt and bin-htaccess-advanced.txt. For Apache 2.2, or 2.4 with mod_access_compat enabled, we should be able to have a file that works without any tailoring.

  • The FollowSymLinks option could be enabled by default. It's low risk to enable, as there is no known path for a user to use Foswiki to create a symlink. and will make foswiki more likely to work "out of the box"
  • We also should block access to the LocalLib files. They can't actually be accessed, but no sense leaving them reachable.
  • Also add in commented Apache 2.4 style auth statements, in the event that mod_access_compat is not enabled

-- GeorgeClark - 11 Apr 2016

 
Topic revision: r5 - 11 Aug 2016, GeorgeClark - This page was cached on 18 Nov 2017 - 18:38.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License