From 393f13a4022de3eb44228bc75391733abec49054 Mon Sep 17 00:00:00 2001 From: "jake%bugzilla.org" <> Date: Sat, 1 Feb 2003 12:56:16 +0000 Subject: Recompiling the docs because of the large change to the installation section just checked in. --- docs/html/security.html | 149 +----------------------------------------------- 1 file changed, 2 insertions(+), 147 deletions(-) (limited to 'docs/html/security.html') diff --git a/docs/html/security.html b/docs/html/security.html index dc4b5b7c4..8d1b047d0 100644 --- a/docs/html/security.html +++ b/docs/html/security.html @@ -446,156 +446,11 @@ CLASS="filename" is provided for those that want to know exactly what is created.

Note the instructions which follow are Apache-specific. If you +>FIX ME BEFORE RELEASE!!!!! + Note the instructions which follow are Apache-specific. If you use IIS, Netscape, or other non-Apache web servers, please consult your system documentation for how to secure these files from being transmitted to curious users.

$BUGZILLA_HOME/.htaccess -

# don't allow people to retrieve non-cgi executable files or our private data
-<FilesMatch ^(.*\.pl|.*localconfig.*|processmail|runtests.sh)$>
-  deny from all
-</FilesMatch>
-<FilesMatch ^(localconfig.js|localconfig.rdf)$>
-  allow from all
-</FilesMatch>
-        
-

$BUGZILLA_HOME/data/.htaccess -

# nothing in this directory is retrievable unless overriden by an .htaccess
-# in a subdirectory; the only exception is duplicates.rdf, which is used by
-# duplicates.xul and must be loadable over the web
-deny from all
-<Files duplicates.rdf>
-  allow from all
-</Files>
-        
-

$BUGZILLA_HOME/data/webdot -

# Restrict access to .dot files to the public webdot server at research.att.com 
-# if research.att.com ever changed their IP, or if you use a different
-# webdot server, you'll need to edit this
-<FilesMatch ^[0-9]+\.dot$>
-  Allow from 192.20.225.10
-  Deny from all
-</FilesMatch>
-
-# Allow access by a local copy of 'dot' to .png, .gif, .jpg, and
-# .map files
-<FilesMatch ^[0-9]+\.(png|gif|jpg|map)$>
-  Allow from all
-</FilesMatch>
-
-# And no directory listings, either.
-Deny from all
-        
-

$BUGZILLA_HOME/Bugzilla/.htaccess -

# nothing in this directory is retrievable unless overriden by an .htaccess
-# in a subdirectory
-deny from all
-         
-

$BUGZILLA_HOME/template/.htaccess -

# nothing in this directory is retrievable unless overriden by an .htaccess
-# in a subdirectory
-deny from all
-         
-

-- cgit v1.2.3-24-g4f1b