extern/django-helpdesk
1
0
Fork 1
mirror of https://github.com/django-helpdesk/django-helpdesk.git synced 2024-12-13 02:10:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Issue #76: Disable directory listings for attachments.

Browse Source
This commit is contained in:
Ross Poulton 2009-07-15 22:58:57 +00:00
parent 445fb6d0eb
commit b8f13a12a8
1 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
README
View File

@ -120,6 +120,20 @@ the current version of Jutda Helpdesk working.
This is NOT recommended, especially if you're on a shared server. This is NOT recommended, especially if you're on a shared server.
8. Ensure that your 'attachments' folder has directory listings turned off,
to ensure users don't download files that they are not specifically linked
to from their tickets.
If you are using Apache, put a .htaccess file in the 'attachments' folder
with the following content:
Options -Indexes
You will also have to make sure that .htaccess files aren't being ignored.
Ideally, accessing http://MEDIA_URL/helpdesk/attachments/ will give you a
403 access denied error.
######################### #########################
5. Initial Configuration 5. Initial Configuration
######################### #########################