Re: Securing Bugzilla
On Tue, Sep 24, 2002 at 11:09:59AM -0400, Todd Charron wrote:
> Thanks for the prompt reply.
>
> So putting an htaccess file in the root of the bugzilla dir (to control
> access by ip and through login/password) would be sufficient? I thought
> it might be, but wanted to make sure there weren't any other security
> issues that I wasn't aware of with running it.
Where is 'the root of the bugzilla dir'? If you mean /var/www/bugzilla,
then no, that is not sufficient. You need to restrict access to the CGIs in
/usr/lib/cgi-bin/bugzilla.
--
- mdz
Reply to: