diff options
| author | Louise Crow <louise.crow@gmail.com> | 2014-11-21 17:28:21 +0000 |
|---|---|---|
| committer | Louise Crow <louise.crow@gmail.com> | 2014-12-22 17:20:11 +0000 |
| commit | 0a1a3536d2d2edb068f84b4a1c21c567ff51ea6a (patch) | |
| tree | 5f4ed0be29bbb73ce672abd49283ee43eed8ccf1 | |
| parent | ba0a52a98a916cb006fd18465c8e32aeeff2debe (diff) | |
Don't allow script execution from the cache directory
| -rw-r--r-- | config/httpd.conf-example | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/config/httpd.conf-example b/config/httpd.conf-example index 1326252f5..584c33b68 100644 --- a/config/httpd.conf-example +++ b/config/httpd.conf-example @@ -43,6 +43,13 @@ RewriteMap escape int:escape RewriteCond %{DOCUMENT_ROOT}/views_cache/request/$2/$1/${escape:$3} -f RewriteRule ^/request/((\d{1,3})\d*)/(response/\d+/attach/(html/)?\d+/.+) /views_cache/request/$2/$1/${escape:$3} [L] +# Don't allow anything to execute from the cache +<Directory "/var/www/alaveteli/public/views_cache"> + Options -ExecCGI + SetHandler default-handler + AllowOverride None +</Directory> + <IfModule mod_passenger.c> # Set this to something like 100 if you have memory leak issues @@ -69,3 +76,4 @@ RewriteRule ^/request/((\d{1,3})\d*)/(response/\d+/attach/(html/)?\d+/.+) /views AddOutputFilterByType DEFLATE font/opentype font/truetype font/eot AddOutputFilterByType DEFLATE image/svg+xml </IFModule> + |