pub-htaccess.txt
author Colas Nahaboo <colas@nahaboo.net>
Sat, 26 Jan 2008 15:50:53 +0100
changeset 0 414e01d06fd5
child 1 e2915a7cbdfa
permissions -rw-r--r--
RELEASE 4.2.0 freetown
colas@0
     1
# Sample '.htaccess' file for 'pub' subdirectory
colas@0
     2
colas@0
     3
# Controls access to TWiki 'pub' subdirectory - copy this into 'pub', 
colas@0
     4
# naming it '.htaccess', to have Apache use it.
colas@0
     5
colas@0
     6
# This is useful if you install TWiki on a web host, or an intranet host
colas@0
     7
# where you can't edit the Apache http.conf file.  If you can edit the
colas@0
     8
# http.conf file, just set the 'Allow from all' there (or locate these
colas@0
     9
# directories outside the Web-visible directory tree.)
colas@0
    10
colas@0
    11
# Allow all access
colas@0
    12
Allow from all
colas@0
    13
colas@0
    14
# Deny people from looking at the index
colas@0
    15
# Bare in mind that this is largely inadequate
colas@0
    16
# See http://twiki.org/cgi-bin/view/Codev/SecuringAttachments
colas@0
    17
# and http://develop.twiki.org/~develop/cgi-bin/view/Bugs/Item610
colas@0
    18
# If you think you have a solution it is in your best interests to share it 
colas@0
    19
# so others can test your idea.
colas@0
    20
Options None
colas@0
    21
colas@0
    22
# We need to protect the entire pub directory tree against any kind of script execution
colas@0
    23
# TWiki has a renaming protection scheme that alters certain file names to prevent
colas@0
    24
# script execution but it may not be 100% safe only to rely on this. The safest
colas@0
    25
# protection is to disabled all scripting.
colas@0
    26
colas@0
    27
# If you have PHP4 or PHP5 installed make sure the directive below is enabled
colas@0
    28
# If you do not have PHP installed you will need to comment out the directory below
colas@0
    29
# to avoid errors.
colas@0
    30
php_flag engine off
colas@0
    31
colas@0
    32
#If you have PHP3 installed make sure the directive below is enabled
colas@0
    33
#php3_engine off
colas@0
    34
colas@0
    35
# This line will redefine the mime type for the most common types of scripts
colas@0
    36
AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi
colas@0
    37
colas@0
    38
#add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate
colas@0
    39
# reducing the load on the server significantly
colas@0
    40
#IF you can, you should enable this - it _will_ improve your twiki experience, even if you set it to under one day.
colas@0
    41
#LoadModule expires_module libexec/httpd/mod_expires.so
colas@0
    42
#AddModule mod_expires.c
colas@0
    43
#<ifmodule mod_expires.c>
colas@0
    44
#  <filesmatch "\.(jpg|gif|png|css|js)$">
colas@0
    45
#       ExpiresActive on
colas@0
    46
#       ExpiresDefault "access plus 11 days"
colas@0
    47
#   </filesmatch>
colas@0
    48
#</ifmodule>
colas@0
    49
#Add ETags too
colas@0
    50
FileETag MTime Size