Permalink
Browse files

Item14346: Add a .htaccess example for FCGI

  • Loading branch information...
gac410 committed Mar 22, 2017
1 parent b58575c commit 5649b0a2fc4b67b60ad83cd6f79af8db2c69e4f9
@@ -0,0 +1,72 @@
+# Sample bin/.htaccess file. If you require .htaccess files for your apache
+# configuration, tailor this file using the below instructions. See
+# bin-htaccess-advanced for a more complete configuration example.
+#
+# This file is intended for a simple Foswiki installation using Foswiki
+# Template login authentication. It will frequently "just work"
+# without needing further tailoring.
+
+##################################
+# Bot / Spider controls
+##################################
+
+# We set an environment variable called anonymous_spider
+# Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from
+# including its own topics as URLs and also prevents other Foswikis from
+# doing the same. This is important to prevent the most obvious
+# Denial of Service attacks.
+# You can expand this by adding more BrowserMatchNoCase statements to
+# block evil browser agents trying the impossible task of mirroring a Foswiki
+# Example:
+# BrowserMatchNoCase ^SiteSucker anonymous_spider
+BrowserMatchNoCase ^$ anonymous_spider
+
+######################################################################
+# Now set default access rights.
+# - This block will work with Apach 2.2, or 2.4 with mod_access_Compat enabled
+# If this causes errors, comment this out, and enable the 2.4 specific block.
+######################################################################
+Order Allow,Deny
+Allow from all
+Deny from env=anonymous_spider
+
+######################################################################
+# Uncomment this block for Apache 2.4
+######################################################################
+#<RequireAll>
+# Require not env anonymous_spider
+# Require all granted
+#</RequireAll>
+
+######################################################################
+# This block used if mod_rewrite is available. If not, comment it out
+######################################################################
+RewriteEngine On
+RewriteCond %{REQUEST_URI} !/foswiki.fcgi
+RewriteRule ^(.*) /bin/foswiki.fcgi/$1
+
+######################################################################
+# This block used if mod_action is available.
+#Uncomment if mod_rewrite cannot be used.
+######################################################################
+#Action foswiki-fcgid /bin/foswiki.fcgi
+#SetHandler foswiki-fcgid
+#<Files foswiki.fcgi>
+# SetHandler fcgid-script
+#</Files>
+
+
+# Set options for excuting CGI and allow symlinks for e.g. viewauth
+# This also unsets any options allowing directory indexing etc.
+Options ExecCGI FollowSymLinks
+
+# Make sure that any local lib definitions cannot be retrieved
+# For apache 2.4. uncomment the "Require" line and comment the Order and Deny lines
+<Files "LocalLib*">
+# Require all denied
+ Order allow,deny
+ Deny from all
+</Files>
+
+# bin/.htaccess file
+
@@ -1,11 +1,12 @@
-bin/foswiki.fcgi 0755
-data/System/FastCGIEngineContrib.txt 0644
-lib/FCGI/ProcManager/Constrained.pm 0644
-lib/Foswiki/Contrib/FastCGIEngineContrib/DEPENDENCIES 0644
-lib/Foswiki/Contrib/FastCGIEngineContrib/Config.spec 0644
-lib/Foswiki/Contrib/FastCGIEngineContrib.pm 0644
-lib/Foswiki/Engine/FastCGI.pm 0644
-lib/Foswiki/Engine/FastCGI/ProcManager.pm 0644
-tools/systemd/foswiki.service 0755
-tools/foswiki.defaults 0755
-tools/foswiki.init-script 0755
+bin-htaccess-fastcgi.txt 0664
+bin/foswiki.fcgi 0775
+data/System/FastCGIEngineContrib.txt 0664
+lib/FCGI/ProcManager/Constrained.pm 0664
+lib/Foswiki/Contrib/FastCGIEngineContrib.pm 0664
+lib/Foswiki/Contrib/FastCGIEngineContrib/Config.spec 0664
+lib/Foswiki/Contrib/FastCGIEngineContrib/DEPENDENCIES 0664
+lib/Foswiki/Engine/FastCGI.pm 0664
+lib/Foswiki/Engine/FastCGI/ProcManager.pm 0664
+tools/foswiki.defaults 0664
+tools/foswiki.init-script 0664
+tools/systemd/foswiki.service 0664

0 comments on commit 5649b0a

Please sign in to comment.