[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-hackers-public] Website synchronization
|
From: |
Bernie Innocenti |
|
Subject: |
[Savannah-hackers-public] Website synchronization |
|
Date: |
Mon, 06 Dec 2010 16:43:30 -0500 |
Hello Savannah Hackers,
yesterday I've re-enabled the script that automatically checks out the
website repositories for all the gnu and non-gnu projects, including the
main website.
I've also somewhat hardened the configuration of the gnu.org and
nongnu.org virtual hosts. In particular,
* symlinks are no longer followed
* Server Side Includes are now completely disabled except for the
main site
* it is no longer possible to execute CGIs from Server Side Includes
* mod_php is no longer installed
* mod_python is now disabled everywhere except for the internal
new-savannah-project script
The following Apache features are enabled for all gnu projects:
Options Indexes MultiViews Limit
AllowOverride Indexes FileInfo Limit
The following Apache features are enabled for all nongnu projects:
Options Indexes Multiviews
AllowOverride None
Let me know if the new configuration broke something important. If the
current settings seem excessively restrictive, we could re-enable
specific features on a case-by-case basis.
Turning off FileInfo would actually have been good, because it enables a
bunch of scary directives in .htaccess, but there are way too many
projects already using Redirect and RedirectMatch. Converting them all
would be impractical.
--
Bernie Innocenti
Systems Administrator, Free Software Foundation
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-hackers-public] Website synchronization,
Bernie Innocenti <=