Attachment 5846 Details for Bug 14993 – Patch suggestion for SOURCES/zarafa-webaccess.conf

[patch] Patch suggestion for SOURCES/zarafa-webaccess.conf

zarafa-webaccess.patch (text/plain), 1.01 KB, created by Robert Scheck on 2015-01-29 23:12:48 CET

(hide)

Description:

Filename:

MIME Type:

Creator: Robert Scheck

Created: 2015-01-29 23:12:48 CET

Size: 1.01 KB

patch

obsolete

>--- zarafa-webaccess.conf		2015-01-29 23:06:41.000000000 +0100
>+++ zarafa-webaccess.conf.rsc		2015-01-29 23:06:34.000000000 +0100
>@@ -8,8 +8,19 @@
> #
> <Directory /usr/share/zarafa-webaccess/>
>     # Some apache settings
>+    DirectoryIndex index.php
>     Options -Indexes +FollowSymLinks
> 
>+    <IfModule mod_authz_core.c>
>+        # Apache 2.4
>+        Require all granted
>+    </IfModule>
>+    <IfModule !mod_authz_core.c>
>+        # Apache 2.2
>+        Order allow,deny
>+        Allow from all
>+    </IfModule>
>+
>     # Register globals must be off
>     php_flag register_globals off
> 
>@@ -25,6 +36,11 @@
>     # Short open tags must be on
>     php_flag short_open_tag on
> 
>+    # Uncomment to enhance security of WebAccess by restricting cookies
>+    # to only be provided over HTTPS connections
>+#    php_flag session.cookie_secure on
>+#    php_flag session.cookie_httponly on
>+
>     # Uncomment for debugging purposes only. Make sure Apache/PHP can
>     # write to this file or no errors will be logged!
> #    php_flag log_errors on

--- zarafa-webaccess.conf		2015-01-29 23:06:41.000000000 +0100
+++ zarafa-webaccess.conf.rsc		2015-01-29 23:06:34.000000000 +0100
@@ -8,8 +8,19 @@
 #
 <Directory /usr/share/zarafa-webaccess/>
     # Some apache settings
+    DirectoryIndex index.php
     Options -Indexes +FollowSymLinks
 
+    <IfModule mod_authz_core.c>
+        # Apache 2.4
+        Require all granted
+    </IfModule>
+    <IfModule !mod_authz_core.c>
+        # Apache 2.2
+        Order allow,deny
+        Allow from all
+    </IfModule>
+
     # Register globals must be off
     php_flag register_globals off
 
@@ -25,6 +36,11 @@
     # Short open tags must be on
     php_flag short_open_tag on
 
+    # Uncomment to enhance security of WebAccess by restricting cookies
+    # to only be provided over HTTPS connections
+#    php_flag session.cookie_secure on
+#    php_flag session.cookie_httponly on
+
     # Uncomment for debugging purposes only. Make sure Apache/PHP can
     # write to this file or no errors will be logged!
 #    php_flag log_errors on

Actions: View | Diff

Attachments on bug 14993: 5846 | 5847 | 5848