Forum
URL rewrite rules for Roundcube
Cristian Gilè
9 February 2010, 02:53
Hi Hugo,
I made some updates to the Roundcube URL rewrite rules.
In the HOW TO document access is denied only for logs, temp and config directories.
Why not also deny direct access to program, skins, plugins and bin directories?
Thanks
Cristian
Hiawatha version: 6.19
Operating System: Ubuntu 8.04
I made some updates to the Roundcube URL rewrite rules.
In the HOW TO document access is denied only for logs, temp and config directories.
Why not also deny direct access to program, skins, plugins and bin directories?
UrlToolkit {
ToolkitID = roundcube
Match (/.*\.inc|^_.*) DenyAccess
Match /mail/logs/.* DenyAccess
Match /mail/temp/.* DenyAccess
Match /mail/config/.* DenyAccess
Match /mail/program/.* DenyAccess
Match /mail/skins/.* DenyAccess
Match /mail/plugins/.* DenyAccess
Match /mail/bin/.* DenyAccess
}
Thanks
Cristian
Hiawatha version: 6.19
Operating System: Ubuntu 8.04
Hugo Leisink
9 February 2010, 09:52
I've looked at what RoundCube under Apache does via .htaccess files. I've rewritten those to a Hiawatha rule.
The extra directories you've added don't look harmful.
The extra directories you've added don't look harmful.
This topic has been closed.
Copyright © by Hugo Leisink. All rights reserved.
Built upon the Banshee PHP framework.
Built upon the Banshee PHP framework.
