From 8a88bbdc15f062c49dade1d3e5d07bac1dbb70c7 Mon Sep 17 00:00:00 2001
From: einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>
Date: Thu, 4 Oct 2007 01:50:45 +0000
Subject: Tightening up security and adding comments

git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1696 4979c152-3d1c-0410-bac9-87ea11338e46
---
 ledgersmb-httpd.conf | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'ledgersmb-httpd.conf')

diff --git a/ledgersmb-httpd.conf b/ledgersmb-httpd.conf
index d7ab614d..f3460ffb 100644
--- a/ledgersmb-httpd.conf
+++ b/ledgersmb-httpd.conf
@@ -1,13 +1,27 @@
+# This file must be edited to substitute the current path with WORKING_DIR
+
 Alias /ledgersmb WORKING_DIR/
 
 <Directory WORKING_DIR>
+
+  # Rewrite rule to allow HTTP Authorization information to the scripts only
+  # from this directory.
   RewriteEngine On
   RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
+
   AllowOverride All
   AddHandler cgi-script .pl
   Options ExecCGI Includes FollowSymlinks
+
+  # By default, only allow from localhost.  If you change this, please be
+  # advised that you should use SSL protection on any and all network
+  # connections that access this application in order to protect usernames and
+  # passwords.
   Order Allow,Deny
-  Allow from All
+  Allow from 127.0.0.1
+  Deny from All
+
+  # The rest of this file just tightens up security.
   <Files ~ "\.conf$">
     Order Deny,Allow
     Deny from All
-- 
cgit v1.2.3