From 913f68b91f16bd364d9709c85ac120f061913087 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Buclin?= Date: Wed, 29 Aug 2012 00:06:46 +0200 Subject: Bug 785511: Prevent directory browsing, especially in docs/ and extensions/ r=dkl a=LpSolit --- docs/en/xml/installation.xml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'docs/en/xml') diff --git a/docs/en/xml/installation.xml b/docs/en/xml/installation.xml index 8c5c29b8e..18de454b9 100644 --- a/docs/en/xml/installation.xml +++ b/docs/en/xml/installation.xml @@ -1056,19 +1056,20 @@ SetEnv LD_LIBRARY_PATH /u01/app/oracle/product/10.2.0/lib/ <Directory /var/www/html/bugzilla> AddHandler cgi-script .cgi -Options +Indexes +ExecCGI -DirectoryIndex index.cgi -AllowOverride Limit FileInfo Indexes +Options +ExecCGI +DirectoryIndex index.cgi index.html +AllowOverride Limit FileInfo Indexes Options </Directory> These instructions: allow apache to run .cgi files found within the bugzilla directory; instructs the server to look - for a file called index.cgi if someone + for a file called index.cgi or, if not + found, index.html if someone only types the directory name into the browser; and allows Bugzilla's .htaccess files to override - global permissions. + some global permissions. -- cgit v1.2.1