On Wed, Jun 14, 2006 at 11:56:43AM +0200, Ola Lundqvist wrote: > > Options Indexes MultiViews FollowSymLinks > > AllowOverride None > > Order deny,allow > > Deny from all > > Allow from 127.0.0.1 # ADD YOUR NET HERE > > </Directory> > > > > For security during configuration, you'll need to put the IP address or > > network block *of the system where you are running your web browser* > > to the "Allow From" line. Once you are done, you can probably say > > "Allow from all". > > Currently configuration is disabled by default, so it is not needed > for security reasons... Or? I agree that this isn't really necessary - it would just limit the exposure during the time the user is configuring horde, before they install the generated configuration.
Not a problem at all if they copy-n-paste their configuration files. Potentially a problem if they make /etc/horde/ writeable by the web server and then never finish their configuration. > > It wouldn't hurt my feelings if you got rid of the default deny from > > the example configuration, I can imagine that might generate lots of > > support requests. > > I have not got a single one in the last months, so no I think it is pretty > clear... :) I meant the additions I was suggesting. thanks danno -- dan pritts - systems administrator - internet2 734/352-4953 office 734/834-7224 mobile -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
