зеркало из https://github.com/mozilla/gecko-dev.git
Docs for bug 245877: use testagent.cgi and testserver.pl to test your installation - Patch by me, r=justdave
This commit is contained in:
Родитель
2004f85df9
Коммит
41efc0d724
|
@ -1,5 +1,5 @@
|
||||||
<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> -->
|
<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> -->
|
||||||
<!-- $Id: installation.xml,v 1.132 2006/11/20 17:57:16 lpsolit%gmail.com Exp $ -->
|
<!-- $Id: installation.xml,v 1.133 2006/11/20 19:48:43 lpsolit%gmail.com Exp $ -->
|
||||||
<chapter id="installing-bugzilla">
|
<chapter id="installing-bugzilla">
|
||||||
<title>Installing Bugzilla</title>
|
<title>Installing Bugzilla</title>
|
||||||
|
|
||||||
|
@ -957,7 +957,10 @@
|
||||||
<para>
|
<para>
|
||||||
Configure your web server according to the instructions in the
|
Configure your web server according to the instructions in the
|
||||||
appropriate section. (If it makes a difference in your choice,
|
appropriate section. (If it makes a difference in your choice,
|
||||||
the Bugzilla Team recommends Apache.) Regardless of which webserver
|
the Bugzilla Team recommends Apache.) To check whether your web server
|
||||||
|
is correctly configured, try to access <filename>testagent.cgi</filename>
|
||||||
|
from your web server. If "OK" is displayed, then your configuration
|
||||||
|
is successful. Regardless of which web server
|
||||||
you are using, however, ensure that sensitive information is
|
you are using, however, ensure that sensitive information is
|
||||||
not remotely available by properly applying the access controls in
|
not remotely available by properly applying the access controls in
|
||||||
<xref linkend="security-webserver-access"/>. You can run
|
<xref linkend="security-webserver-access"/>. You can run
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> -->
|
<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> -->
|
||||||
<!-- $Id: security.xml,v 1.15 2006/05/16 18:57:55 mozilla%colinogilvie.co.uk Exp $ -->
|
<!-- $Id: security.xml,v 1.16 2006/11/20 19:48:43 lpsolit%gmail.com Exp $ -->
|
||||||
|
|
||||||
<chapter id="security">
|
<chapter id="security">
|
||||||
<title>Bugzilla Security</title>
|
<title>Bugzilla Security</title>
|
||||||
|
@ -171,20 +171,19 @@ skip-networking
|
||||||
|
|
||||||
|
|
||||||
<section id="security-webserver">
|
<section id="security-webserver">
|
||||||
<title>Webserver</title>
|
<title>Web server</title>
|
||||||
|
|
||||||
<section id="security-webserver-access">
|
<section id="security-webserver-access">
|
||||||
<title>Disabling Remote Access to Bugzilla Configuration Files</title>
|
<title>Disabling Remote Access to Bugzilla Configuration Files</title>
|
||||||
|
|
||||||
<para>There are many files that are placed in the Bugzilla directory
|
<para>
|
||||||
area that should not be accessable from the web. Because of the way
|
There are many files that are placed in the Bugzilla directory
|
||||||
Bugzilla is currently layed out, the list of what should and should not
|
area that should not be accessible from the web. Because of the way
|
||||||
be accessible is rather complicated. A new installation method is
|
Bugzilla is currently layed out, the list of what should and should not
|
||||||
currently in the works which should solve this by allowing files that
|
be accessible is rather complicated. A quick way is to run
|
||||||
shouldn't be accessible from the web to be placed in a directory outside
|
<filename>testserver.pl</filename> to check if your web server serves
|
||||||
the webroot. See
|
Bugzilla files as expected. If not, you may want to follow the few
|
||||||
<ulink url="http://bugzilla.mozilla.org/show_bug.cgi?id=44659">bug 44659</ulink>
|
steps below.
|
||||||
for more information.
|
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
<tip>
|
<tip>
|
||||||
|
@ -296,20 +295,16 @@ skip-networking
|
||||||
properly blocked. Of particular interest is the localconfig file which
|
properly blocked. Of particular interest is the localconfig file which
|
||||||
contains your database password. Also, be aware that many editors
|
contains your database password. Also, be aware that many editors
|
||||||
create temporary and backup files in the working directory and that
|
create temporary and backup files in the working directory and that
|
||||||
those should also not be accessable. For more information, see
|
those should also not be accessible. For more information, see
|
||||||
<ulink url="http://bugzilla.mozilla.org/show_bug.cgi?id=186383">bug 186383</ulink>
|
<ulink url="http://bugzilla.mozilla.org/show_bug.cgi?id=186383">bug 186383</ulink>
|
||||||
or
|
or
|
||||||
<ulink url="http://online.securityfocus.com/bid/6501">Bugtraq ID 6501</ulink>.
|
<ulink url="http://online.securityfocus.com/bid/6501">Bugtraq ID 6501</ulink>.
|
||||||
To test, simply point your web browser at the file; for example, to
|
To test, simply run <filename>testserver.pl</filename>, as said above.
|
||||||
test mozilla.org's installation, we'd try to access
|
|
||||||
<ulink url="http://bugzilla.mozilla.org/localconfig"/>. You should get
|
|
||||||
a <quote><errorcode>403</errorcode> <errorname>Forbidden</errorname></quote>
|
|
||||||
error.
|
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
<tip>
|
<tip>
|
||||||
<para>Be sure to check <xref linkend="http"/> for instructions
|
<para>Be sure to check <xref linkend="http"/> for instructions
|
||||||
specific to the webserver you use.
|
specific to the web server you use.
|
||||||
</para>
|
</para>
|
||||||
</tip>
|
</tip>
|
||||||
|
|
||||||
|
|
Загрузка…
Ссылка в новой задаче