Bug#373235: [pkg-horde] Bug#373235: update for README.Debian for
danno at internet2.edu
Wed Jun 14 13:36:10 UTC 2006
On Wed, Jun 14, 2006 at 11:56:43AM +0200, Ola Lundqvist wrote:
> > Options Indexes MultiViews FollowSymLinks
> > AllowOverride None
> > Order deny,allow
> > Deny from all
> > Allow from 127.0.0.1 # ADD YOUR NET HERE
> > </Directory>
> > For security during configuration, you'll need to put the IP address or
> > network block *of the system where you are running your web browser*
> > to the "Allow From" line. Once you are done, you can probably say
> > "Allow from all".
> Currently configuration is disabled by default, so it is not needed
> for security reasons... Or?
I agree that this isn't really necessary - it would just limit
the exposure during the time the user is configuring horde, before
they install the generated configuration.
Not a problem at all if they copy-n-paste their configuration files.
Potentially a problem if they make /etc/horde/ writeable by the web
server and then never finish their configuration.
> > It wouldn't hurt my feelings if you got rid of the default deny from
> > the example configuration, I can imagine that might generate lots of
> > support requests.
> I have not got a single one in the last months, so no I think it is pretty
> clear... :)
I meant the additions I was suggesting.
dan pritts - systems administrator - internet2
734/352-4953 office 734/834-7224 mobile
More information about the pkg-horde-hackers