Tightening up security and adding comments

git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1696 4979c152-3d1c-0410-bac9-87ea11338e46
author: einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> 2007-10-04 01:50:45 +0000
committer: einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> 2007-10-04 01:50:45 +0000
commit: 8a88bbdc15f062c49dade1d3e5d07bac1dbb70c7 (patch)
tree: ba7f8ca39faf1c137ff0ef2d4e12cc4b012b5a0d /ledgersmb-httpd.conf
parent: 5351ebb1754ab83bcb4bb15c92066e776ee28b39 (diff)
1 files changed, 15 insertions, 1 deletions
diff --git a/ledgersmb-httpd.conf b/ledgersmb-httpd.conf
index d7ab614d..f3460ffb 100644
--- a/ledgersmb-httpd.conf
+++ b/ledgersmb-httpd.conf
@@ -1,13 +1,27 @@
+# This file must be edited to substitute the current path with WORKING_DIR
+
 Alias /ledgersmb WORKING_DIR/
 
 <Directory WORKING_DIR>
+
+  # Rewrite rule to allow HTTP Authorization information to the scripts only
+  # from this directory.
   RewriteEngine On
   RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
+
   AllowOverride All
   AddHandler cgi-script .pl
   Options ExecCGI Includes FollowSymlinks
+
+  # By default, only allow from localhost.  If you change this, please be
+  # advised that you should use SSL protection on any and all network
+  # connections that access this application in order to protect usernames and
+  # passwords.
   Order Allow,Deny
-  Allow from All
+  Allow from 127.0.0.1
+  Deny from All
+
+  # The rest of this file just tightens up security.
   <Files ~ "\.conf$">
     Order Deny,Allow
     Deny from All
author	einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>	2007-10-04 01:50:45 +0000
committer	einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>	2007-10-04 01:50:45 +0000
commit	8a88bbdc15f062c49dade1d3e5d07bac1dbb70c7 (patch)
tree	ba7f8ca39faf1c137ff0ef2d4e12cc4b012b5a0d /ledgersmb-httpd.conf
parent	5351ebb1754ab83bcb4bb15c92066e776ee28b39 (diff)