138 lines
4.8 KiB
Plaintext
138 lines
4.8 KiB
Plaintext
# Example httpd.conf file for TWiki.
|
|
#
|
|
# You are recommended to take a copy of this file and edit
|
|
# the paths to match your installation. Then add:
|
|
# include "/home/httpd/twiki/twiki_httpd.conf"
|
|
# to the end of your main httpd.conf file.
|
|
#
|
|
|
|
# The first parameter will be part of the URL to your installation e.g.
|
|
# http://my.co.uk/twiki/bin/view/...
|
|
# The second parameter must point to the physical path on your disk. Be
|
|
# careful not to lose any trailing /'s.
|
|
|
|
#### Change the _second_ path to match your local installation
|
|
ScriptAlias /twiki/bin/ "/home/httpd/twiki/bin/"
|
|
|
|
# This defines a url that points to the root of the twiki installation. It is
|
|
# used to access files in the pub directory (attachments etc)
|
|
# It must come _after_ the ScriptAlias.
|
|
|
|
#### Change the path to match your local installation
|
|
Alias /twiki/ "/home/httpd/twiki/"
|
|
|
|
|
|
# We set an environment variable called anonymous_spider
|
|
# Setting a BrowserMatchNoCase to ^$ is important. It prevents TWiki from
|
|
# including its own topics as URLs and also prevents other TWikis from
|
|
# doing the same. This is important to prevent the most obvious
|
|
# Denial of Service attacks.
|
|
# You can expand this by adding more BrowserMatchNoCase statements to
|
|
# block evil browser agents trying the impossible task of mirroring a twiki
|
|
# Example:
|
|
# BrowserMatchNoCase ^SiteSucker anonymous_spider
|
|
BrowserMatchNoCase ^$ anonymous_spider
|
|
|
|
|
|
# This specifies the options on the TWiki scripts directory. The ExecCGI
|
|
# and SetHandler tell apache that it contains scripts. "Allow from all"
|
|
# lets any IP address access this URL.
|
|
|
|
#### Change the path to match your local installation
|
|
<Directory "/home/httpd/twiki/bin">
|
|
AllowOverride None
|
|
Order Allow,Deny
|
|
Allow from all
|
|
Deny from env=anonymous_spider
|
|
|
|
Options ExecCGI FollowSymLinks
|
|
SetHandler cgi-script
|
|
|
|
# Password file for TWiki users
|
|
AuthUserFile /var/www/twiki/data/.htpasswd
|
|
AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
|
|
AuthType Basic
|
|
|
|
# File to return on access control error (e.g. wrong password)
|
|
# By convention this is the TWikiRegistration page, that allows users
|
|
# to register with the TWiki. Apache requires this to be a *local* path.
|
|
ErrorDocument 401 /twiki/bin/view/TWiki/TWikiRegistration
|
|
|
|
# Limit access to configure to specific IP addresses and or users.
|
|
# Make sure configure is not open to the general public.
|
|
# The configure script is designed for administrators only.
|
|
# The script itself and the information it reveals can be abused by
|
|
# attackers if not properly protected against public access.
|
|
# Replace JohnDoe with the login name of the administrator
|
|
<FilesMatch "^configure.*">
|
|
SetHandler cgi-script
|
|
Order Deny,Allow
|
|
Deny from all
|
|
Allow from 127.0.0.1, 192.168.1.10
|
|
Require user JohnDoe
|
|
Satisfy Any
|
|
</FilesMatch>
|
|
|
|
# When using Apache type login the following defines the TWiki scripts
|
|
# that makes Apache ask the browser to authenticate. It is correct that
|
|
# scripts such as view are not authenticated. (un-comment to activate)
|
|
#<FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|.*auth).*">
|
|
# require valid-user
|
|
#</FilesMatch>
|
|
|
|
</Directory>
|
|
|
|
|
|
# This sets the options on the pub directory, which contains attachments and
|
|
# other files like CSS stylesheets and icons. AllowOverride None stops a
|
|
# user installing a .htaccess file that overrides these options.
|
|
# Finally all execution of PHP and other scripts is disabled.
|
|
|
|
# Note that files in pub are *not* protected by TWiki Access Controls,
|
|
# so if you want to control access to files attached to topics, you may
|
|
# need to add your own .htaccess files to subdirectories of pub. See the
|
|
# Apache documentation on .htaccess for more info.
|
|
|
|
#### Change the path to match your local installation
|
|
<Directory "/home/httpd/twiki/pub">
|
|
Options None
|
|
AllowOverride Limit
|
|
Allow from all
|
|
|
|
# If you have PHP4 or PHP5 installed make sure the directive below is enabled
|
|
# If you do not have PHP installed you will need to comment out the directory below
|
|
# to avoid errors.
|
|
php_admin_flag engine off
|
|
|
|
#If you have PHP3 installed make sure the directive below is enabled
|
|
#php3_engine off
|
|
|
|
# This line will redefine the mime type for the most common types of scripts
|
|
# It will also deliver HTML files as if they are text files
|
|
AddType text/plain .html .htm .shtml .php .php3 .phtml .phtm .pl .py .cgi
|
|
</Directory>
|
|
|
|
# Security note: All other directories should be set so
|
|
# that they are *not* visible as URLs, so we set them as =deny from all=.
|
|
|
|
#### Change the paths to match your local installation
|
|
<Directory "/home/httpd/twiki/data">
|
|
deny from all
|
|
</Directory>
|
|
|
|
<Directory "/home/httpd/twiki/templates">
|
|
deny from all
|
|
</Directory>
|
|
|
|
<Directory "/home/httpd/twiki/lib">
|
|
deny from all
|
|
</Directory>
|
|
|
|
<Directory "/home/httpd/twiki/tools">
|
|
deny from all
|
|
</Directory>
|
|
|
|
<Directory "/home/httpd/twiki/locale">
|
|
deny from all
|
|
</Directory>
|