From 913f68b91f16bd364d9709c85ac120f061913087 Mon Sep 17 00:00:00 2001
From: Frédéric Buclin <LpSolit@gmail.com>
Date: Wed, 29 Aug 2012 00:06:46 +0200
Subject: Bug 785511: Prevent directory browsing, especially in docs/ and
 extensions/ r=dkl a=LpSolit

---
 docs/en/xml/installation.xml | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'docs')

diff --git a/docs/en/xml/installation.xml b/docs/en/xml/installation.xml
index 8c5c29b8e..18de454b9 100644
--- a/docs/en/xml/installation.xml
+++ b/docs/en/xml/installation.xml
@@ -1056,19 +1056,20 @@ SetEnv LD_LIBRARY_PATH /u01/app/oracle/product/10.2.0/lib/
                 <programlisting>
 &lt;Directory /var/www/html/bugzilla&gt;
 AddHandler cgi-script .cgi
-Options +Indexes +ExecCGI
-DirectoryIndex index.cgi
-AllowOverride Limit FileInfo Indexes
+Options +ExecCGI
+DirectoryIndex index.cgi index.html
+AllowOverride Limit FileInfo Indexes Options
 &lt;/Directory&gt;
                 </programlisting>
     
                 <para>
                 These instructions: allow apache to run .cgi files found
                 within the bugzilla directory; instructs the server to look
-                for a file called <filename>index.cgi</filename> if someone
+                for a file called <filename>index.cgi</filename> or, if not
+                found, <filename>index.html</filename> if someone
                 only types the directory name into the browser; and allows
                 Bugzilla's <filename>.htaccess</filename> files to override
-                global permissions.
+                some global permissions.
                 </para>
     
                 <note>
-- 
cgit v1.2.3-24-g4f1b