3
# Controls access to Foswiki scripts - to make Apache use it, rename this
4
# file to '.htaccess' and REPLACE THE FOLLOWING STRINGS WHEREVER YOU SEE
5
# THEM IN THIS FILE WITH PATHS SPECIFIC TO YOUR INSTALLATION.
6
# Most required values can be seen in the Path Settings section of
9
# Replace {DataDir} with the value from =configure=
10
# Replace {DefaultUrlHost} with the value from =configure=
11
# Replace {ScriptUrlPath} with the value from =configure=
12
# Replace {Administrators} with a space-separated list of the login
13
# name(s) of the person(s) allowed to run the configure script
14
# e.g. admin root superhero
16
# We set an environment variable called anonymous_spider
17
# Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from
18
# including its own topics as URLs and also prevents other Foswikis from
19
# doing the same. This is important to prevent the most obvious
20
# Denial of Service attacks.
21
# You can expand this by adding more BrowserMatchNoCase statements to
22
# block evil browser agents trying the impossible task of mirroring a Foswiki
24
# BrowserMatchNoCase ^SiteSucker anonymous_spider
25
BrowserMatchNoCase ^$ anonymous_spider
27
# Now set default access rights.
30
Deny from env=anonymous_spider
32
# Use CGI & Perl to handle all files in 'bin' directory, i.e. run as scripts -
33
# this should remove the need to rename files to end in '.pl' etc, if your web
34
# hosting provider permits this. Remove if using mod_perl. Look at
35
# http://foswiki.org/Extensions/FastCGIEngineContrib to get info about FastCGI
37
#SetHandler cgi-script
39
# Password file for Foswiki users
42
# Authentication type (htpasswd file) (comment out this if you configure htpasswd / LDAP support)
43
AuthUserFile /data/web/4d/15/05/flossk.tuxfamily.org/htdocs/foswiki/data/.htpasswd
44
AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
47
#for htdigest password suport uncomment the following
48
#AuthDigestDomain {DefaultUrlHost}{ScriptUrlPath}/viewauth {DefaultUrlHost}{ScriptUrlPath}/edit {DefaultUrlHost}{ScriptUrlPath}/preview {DefaultUrlHost}{ScriptUrlPath}/save {DefaultUrlHost}{ScriptUrlPath}/attach {DefaultUrlHost}{ScriptUrlPath}/upload {DefaultUrlHost}{ScriptUrlPath}/rename {DefaultUrlHost}{ScriptUrlPath}/manage {DefaultUrlHost}{ScriptUrlPath}/installpasswd {DefaultUrlHost}{ScriptUrlPath}/passwd
49
#AuthDigestFile {DataDir}/.htdigest
50
# For "Digest" authentication to work properly, this string must match
51
# the value of configuration variable $authRealm
52
#AuthName 'Enter your WikiName. (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
55
#for LDAP password support uncomment the following (and fix up the paths)
56
#AuthLDAPURL ldap://yourldapserver/dc=yourldapserver,dc=com?uid?sub?(objectClass=posixAccount)
57
#AuthLDAPGroupAttribute memberUid
58
#AuthLDAPGroupAttributeIsDN off
60
# require group cn=mygroup,ou=groups,dc=yourldapserver,dc=com
65
# File to return on access control error (e.g. wrong password)
66
# By convention this is the UserRegistration page, that allows users
67
# to register with the Foswiki. Apache requires this to be a *local* path.
68
# Comment this out if you setup Foswiki to completely deny access to WikiGuest
69
# in all webs or change the path to a static html page.
70
ErrorDocument 401 /data/web/4d/15/05/flossk.tuxfamily.org/htdocs/foswiki/bin/view/System/UserRegistration
71
# Alternatively if your users are all known to be registered you may want
72
# to redirect them to the ResetPassword page.
73
# ErrorDocument 401 {ScriptUrlPath}/view/System/ResetPassword
75
# Set options for excuting CGI and allow symlinks for e.g. viewauth
76
# This also unsets any options allowing directory indexing etc.
77
Options ExecCGI FollowSymLinks
79
# Limit access to configure to specific IP addresses and or users.
80
# Make sure configure is not open to the general public.
81
# The configure script is designed for administrators only.
82
# The script itself and the information it reveals can be abused by
83
# attackers if not properly protected against public access.
84
<FilesMatch "configure.pl">
88
Allow from 127.0.0.1, 192.168.1.10
89
Require user JamesMichaelDuPont
93
# These are scripts that might change content. The regular expression uses ".*"
94
# at the end so it matches the scripts even if you had to add a .cgi or .pl
95
# extension. If you want to require login for any other scripts, modify the
96
# regular expression below as appropriate.
98
# NB. The resetpasswd & passwd scripts are used to reset and change passwords.
99
# They do their own validation of the user and therefore
100
# should not use "require valid-user"
102
# When using Apache type login the following defines the Foswiki scripts
103
# that makes Apache ask the browser to authenticate. It is correct that
104
# scripts such as view, resetpasswd & passwd are not authenticated.
105
# (un-comment to activate)
106
#<FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*">
111
AddType application/x-httpd-self .pl