ledgersmb 1.3.25-1 / etc / apache2 / conf.d / ledgersmb-httpd.conf

# This file must be edited to substitute the current path with WORKING_DIR

Alias /ledgersmb /usr/share/ledgersmb/

<Directory /usr/share/ledgersmb>

  # Rewrite rule to allow HTTP Authorization information to the scripts only
  # from this directory.
  RewriteEngine On

  # Redirect the /ledgersmb and /ledgersmb/ URL paths to
  # the true login script: /ledgersmb/login.pl
  RewriteRule ^/ledgersmb/?$ /ledgersmb/login.pl [R]

  # Indicate that the HTTP Authorization data should be passed
  # to the CGI scripts running from this directory
  RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

  AllowOverride All
  AddHandler cgi-script .pl
  Options ExecCGI Includes FollowSymlinks

  # By default, only allow from localhost.  If you change this, please be
  # advised that you should use SSL protection on any and all network
  # connections that access this application in order to protect usernames and
  # passwords.
  Order Deny,Allow
  Allow from 127.0.0.1
  Allow from localhost
  Deny from All

  # The rest of this file just tightens up security.
  <Files ~ "\.conf$">
    Order Deny,Allow
    Deny from All
  </Files>
</Directory>

<Directory /var/lib/ledgersmb/users>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory /usr/share/ledgersmb/bin>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory /usr/share/ledgersmb/utils>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory /var/lib/ledgersmb/spool>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory /var/lib/ledgersmb/templates>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory /usr/share/ledgersmb/LedgerSMB>
  Order Deny,Allow
  Deny from All
</Directory>

Alias /lsmbcss /var/lib/ledgersmb/css/
<Directory /var/lib/ledgersmb/css>
  Order Deny,Allow
  Allow from 127.0.0.1
  Allow from localhost
  Deny from All
</Directory>