Dan Brown wrote:
>>3. Directory ownership - Who should be the owner of this directory?
>>www or root:shared? Why?
>>
>
> The question also applies to files contained in the directory. I'm
> really not sure. I'm still inclined to say www:www, but Darrell has
> pointed out that this wo
Darrell May wrote:
> # Administration: phpmyadmin
> Alias /phpmyadmin /opt/administration/phpmyadmin
>
> RequireSSL on
So you will only be able to assecc this using SSL?
How do you allow "dual" access? Like with webmail!
> Options -Indexes
What does this do?
> AllowOverride No
Brandon Friedman <[EMAIL PROTECTED]> said:
> 1. SSL - How do you enable SSL on your alias directory
Here is an example of forcing SSL and locking access to the admin:
# Administration: phpmyadmin
Alias /phpmyadmin /opt/administration/phpmyadmin
RequireSSL on
Options -Indexes
Allow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> From: Brandon Friedman [mailto:[EMAIL PROTECTED]]
> 2. .htaccess control - Is this required?
I'd tend to say no--anything you'd want to do in an .htaccess file
can be done in the template fragment you need to create anyway.
However, the
I am busy with the draft for the securing web-apps howto...
Questions:
1. SSL - How do you enable SSL on your alias directory an how do you
enforce SSL only use on that WWW directory?
SSLEnabled on or something like that?
2. .htaccess control - Is this required?
3. Directory ownership - Who sh