# -*- apache -*-
#
#  THIS FILE IS SUPPOSED TO COME WITH THE DEBIAN PACKAGE. PATH WILL BE
#  ERRONEOUS FOR A HAND-MADE INSTALLATION
#
#  Written for apache 1.x
#  If you use apache 2.x, read INSTALL.verbose shipped with Savane
#
####################################################################
# TROUBLESHOOTING:
#
# Make sure
#     LoadModule env_module /usr/lib/apache/1.3/mod_env.so
# exists anywhere in your apache setup (usually /etc/apache/modules.conf). 
# 
# Make sure AddDefaultCharset if set off, like this
#     AddDefaultCharset off
# (usually /etc/apache/httpd.conf). 
#
###################################################################
# SECURITY IMPROVEMENTS:
#
# You should add in your php.ini, if you are sure that no PHP software
# on your server require these:
#	
#     disable_functions = exec, passthru, popen, shell_exec, system
#
####################################################################  

# If you'd like to put savane on the root of your webserver, 
# you would have to put:
# Alias / /usr/share/savane-frontend/

Alias /savane/export /var/cache/savane
Alias /savane /usr/share/savane-frontend

<Directory /usr/share/savane-frontend>
    # Pure apache conf:
    SetEnv SAVANE_CONF /etc/savane
    Options SymLinksIfOwnerMatch
    AllowOverride None
    ErrorDocument 404 /savane/404.php
    Order allow,deny
    Allow from all

    # PHP conf:
    #  use register_globals and file uploads:
    php_admin_flag register_globals on
    php_admin_flag register_long_arrays on
    php_admin_flag magic_quotes_gpc on
    php_admin_flag file_uploads on
    #  for xhtml validity:
    php_value arg_separator.output "&amp;"
    #  to improve security
    php_admin_flag allow_url_fopen off
    php_admin_flag display_errors off
    php_admin_flag log_errors on

    # Configure some specials urls:
    <Files u>
        ForceType application/x-httpd-php
    </Files>
    <Files us>
        ForceType application/x-httpd-php
    </Files>
    <Files users>
        ForceType application/x-httpd-php
    </Files>
    <Files projects>
        ForceType application/x-httpd-php
    </Files>
    <Files pr>
        ForceType application/x-httpd-php
    </Files>
    <Files p>
        ForceType application/x-httpd-php
    </Files>
    <Files file>
        ForceType application/x-httpd-php
    </Files>


    # Restrict access to testconfig
    <Files testconfig.php>
   	Order Deny,Allow
	Allow from 127.0.0.1
	Deny from All
    </Files>
</Directory>

# Restrict access into include/
<Directory /usr/share/savane-frontend/include>
	Order Allow,Deny
	Deny from all
</Directory>

# Limit access to savane export
<Directory /var/cache/savane>
    Options SymLinksIfOwnerMatch
    AllowOverride None
    ErrorDocument 404 /savane/404-export.php
    Order Allow,Deny 
    Allow from all
</Directory>


# End Of File
