[packages/apache] secure access to vcs files
glen
glen at pld-linux.org
Sat Oct 31 01:08:12 CET 2015
commit 2a2808190f27882f841068874e98291acf511432
Author: Elan Ruusamäe <glen at delfi.ee>
Date: Sat Oct 31 02:08:04 2015 +0200
secure access to vcs files
apache-common.conf | 15 +++++++++------
apache.spec | 2 +-
2 files changed, 10 insertions(+), 7 deletions(-)
---
diff --git a/apache.spec b/apache.spec
index ae19545..eee8c96 100644
--- a/apache.spec
+++ b/apache.spec
@@ -35,7 +35,7 @@ Summary(ru.UTF-8): Самый популярный веб-сервер
Summary(tr.UTF-8): Lider WWW tarayıcı
Name: apache
Version: 2.4.17
-Release: 1
+Release: 2
License: Apache v2.0
Group: Networking/Daemons/HTTP
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
diff --git a/apache-common.conf b/apache-common.conf
index 8b1b751..6ffd634 100644
--- a/apache-common.conf
+++ b/apache-common.conf
@@ -24,8 +24,10 @@ DocumentRoot "/home/services/httpd/html"
</IfModule>
</Directory>
-# Prevent .htaccess and .htpasswd files from being viewed by Web clients.
-<Files ".ht*">
+# Prevent access to:
+# - .htaccess and .htpasswd files
+# - backup files from being viewed
+<FilesMatch "^(\.ht.*|.*~|.*,v)$">
<IfModule mod_authz_host.c>
Require all denied
</IfModule>
@@ -33,10 +35,11 @@ DocumentRoot "/home/services/httpd/html"
Order deny,allow
Deny from all
</IfModule>
-</Files>
+</FilesMatch>
-# Prevent backup files from being viewed, too.
-<Files "*~">
+# Prevent access to:
+# - version control directories
+<DirectoryMatch "/\.(svn|git|hg|bzr)|CVS)/?">
<IfModule mod_authz_host.c>
Require all denied
</IfModule>
@@ -44,7 +47,7 @@ DocumentRoot "/home/services/httpd/html"
Order deny,allow
Deny from all
</IfModule>
-</Files>
+</DirectoryMatch>
#
# This should be changed to whatever you set DocumentRoot to.
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/apache.git/commitdiff/2a2808190f27882f841068874e98291acf511432
More information about the pld-cvs-commit
mailing list