Fixed: FS#1620 - [Security] No Access in additional php.ini

3a741161 · tbrehm · 083b1972 · 3a741161 · 3a741161
Commit 3a741161 authored May 17, 2011 by tbrehm
Hide whitespace changes
Inline Side-by-side

Showing with 15 additions and 3 deletions

install/tpl/apache_ispconfig.conf.master install/tpl/apache_ispconfig.conf.master +6 -0

server/conf/apache_ispconfig.conf.master server/conf/apache_ispconfig.conf.master +9 -3

No files found.
--- a/install/tpl/apache_ispconfig.conf.master
+++ b/install/tpl/apache_ispconfig.conf.master
@@ -20,6 +20,12 @@ CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m
       Deny from all
 </Directory>

+<Directory /var/www/conf>
+    AllowOverride None
+    Order Deny,Allow
+    Deny from all
+</Directory>
+
 # Except of the following directories that contain website scripts
 <Directory /usr/share/phpmyadmin>
        Order allow,deny

--- a/server/conf/apache_ispconfig.conf.master
+++ b/server/conf/apache_ispconfig.conf.master
@@ -14,9 +14,15 @@ CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m

 # Do not allow access to the root file system of the server for security reasons
 <Directory />
-       AllowOverride None
-       Order Deny,Allow
-       Deny from all
+    AllowOverride None
+    Order Deny,Allow
+    Deny from all
+</Directory>
+
+<Directory /var/www/conf>
+    AllowOverride None
+    Order Deny,Allow
+    Deny from all
 </Directory>

 # Except of the following directories that contain website scripts