[Kamailio-Devel] [SIREMIS] minor fixes in Apache conf

[Iñaki Baz Castillo]

El Lunes, 16 de Marzo de 2009, Iñaki Baz Castillo escribió:
> So I suggest:
>
>     Alias /siremis "/var/www/siremis-0.9.0/siremis-web/"
>     RedirectMatch ^/siremis/$ /siremis/bin/
>     <Directory "/var/www/siremis-0.9.0/siremis-web/">
>         Options Indexes FollowSymLinks MultiViews
>         AllowOverride All
>         Order allow,deny
>         Allow from all
>         <Files ~ "\.inc$">
>             Order allow,deny
>             Deny from all
>         </Files>
>     </Directory>

Anyway it's not enough, I feel the web security is very weak. For example, I 
can navigate to:
  http://mydomain.org/siremis-0.9.2/siremis/metadata/Config.xml
and read the DB data.


-- 
Iñaki Baz Castillo