Add .htaccess files to deny access to config, temp, logs + describe how to protect access to these directories in the INSTALL instructions (#1490378)
3 files added
1 files modified
| | |
| | | php_value upload_max_filesize 2M |
| | | |
| | | |
| | | SECURE YOUR INSTALLATION |
| | | ======================== |
| | | |
| | | Access through the webserver to the following directories should be denied: |
| | | |
| | | /config |
| | | /temp |
| | | /logs |
| | | |
| | | Roundcube uses .htaccess files to protect these directories, so be sure to |
| | | allow override of the Limit directives to get them taken into account. The |
| | | package also ships a .htaccess file in the root directory which defines some |
| | | rewrite rules. In order to properly secure your installation, please enable |
| | | mod_rewrite for Apache webserver and double check access to the above listed |
| | | directories and their contents is denied. |
| | | |
| | | |
| | | UPGRADING |
| | | ========= |
| | | |
New file |
| | |
| | | # deny webserver access to this directory |
| | | Deny from all |
New file |
| | |
| | | # deny webserver access to this directory |
| | | Deny from all |
New file |
| | |
| | | # deny webserver access to this directory |
| | | Deny from all |