Fix httpd template to restrict access to the casProxy handler

11 years ago · 325b033df2
parent ac381110ec
commit 325b033df2
1 changed files with 10 additions and 7 deletions
--- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/85SOGoAccess
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/85SOGoAccess
@ -10,18 +10,15 @@
    $OUT = "";
 }
-ScriptAlias /SOGo/cgi-bin /usr/share/SOGo/cgi-bin
+ScriptAlias /sogo-cgi-bin /usr/share/SOGo/cgi-bin
 <Directory /usr/share/SOGo/cgi-bin>
    AllowOverride None
    Options +ExecCGI
    Order deny,allow
    Allow from 127.0.0.1
 </Directory>
-ProxyPass /SOGo/casProxy http://localhost/SOGo/cgi-bin/cas-proxy-validate
+ProxyPass /SOGo/casProxy http://localhost/sogo-cgi-bin/cas-proxy-validate
 <Proxy http://localhost/SOGo/cgi-bin/cas-proxy-validate>
   Order deny,allow
   Allow from 127.0.0.1 192.168.7.1
 </Proxy>
 ProxyPass /SOGo http://127.0.0.1:{$sogod{'TCPPort'}}/SOGo
 ProxyPassReverse /SOGo http://127.0.0.1:{$sogod{'TCPPort'}}/SOGo
@ -41,6 +38,12 @@ RedirectMatch ^/.well-known/(caldav|carddav)$ /SOGo/dav/
    RequestHeader set "x-webobjects-server-url" "https://%\{REQUEST_HOST\}e/SOGo"
 </Location>
 <Location /SOGo/casProxy>
    Order deny,allow
    Deny from All
    Allow from 127.0.0.1 {"$LocalIP";}
 </Location>
 Alias /.woa/WebServerResources/ {"$style";}
 Alias /SOGo.woa/WebServerResources/ {"$style";}
 Alias /SOGo/WebServerResources/ {"$style";}