From 3a7411613ddeebd47a92590a14002d84b81f19e6 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 17 May 2011 06:23:31 -0400
Subject: [PATCH] Fixed: FS#1620 - [Security] No Access in additional php.ini

---
 server/conf/apache_ispconfig.conf.master |   12 +++++++++---
 install/tpl/apache_ispconfig.conf.master |    6 ++++++
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/install/tpl/apache_ispconfig.conf.master b/install/tpl/apache_ispconfig.conf.master
index eefb0ca..fe9e54a 100644
--- a/install/tpl/apache_ispconfig.conf.master
+++ b/install/tpl/apache_ispconfig.conf.master
@@ -20,6 +20,12 @@
        Deny from all
 </Directory>
 
+<Directory /var/www/conf>
+    AllowOverride None
+    Order Deny,Allow
+    Deny from all
+</Directory>
+
 # Except of the following directories that contain website scripts
 <Directory /usr/share/phpmyadmin>
         Order allow,deny
diff --git a/server/conf/apache_ispconfig.conf.master b/server/conf/apache_ispconfig.conf.master
index 42d86ae..8723d93 100644
--- a/server/conf/apache_ispconfig.conf.master
+++ b/server/conf/apache_ispconfig.conf.master
@@ -14,9 +14,15 @@
 
 # Do not allow access to the root file system of the server for security reasons
 <Directory />
-       AllowOverride None
-       Order Deny,Allow
-       Deny from all
+    AllowOverride None
+    Order Deny,Allow
+    Deny from all
+</Directory>
+
+<Directory /var/www/conf>
+    AllowOverride None
+    Order Deny,Allow
+    Deny from all
 </Directory>
 
 # Except of the following directories that contain website scripts

--
Gitblit v1.9.1