File roundcubemail-httpd.conf of Package roundcubemail
# You might want to set up a virtual host for the server, but it is
# not a requirement. You can as well reach the server under its
# common name under https://yourroundcubeserver.example.com/
#
# NameVirtualHost *
# <VirtualHost *>
# ServerName yourroundcubeserver.example.com
# DocumentRoot __ROUNDCUBEPATH__
<IfModule mod_alias.c>
#Alias /roundcube __ROUNDCUBEPATH__
Alias /roundcubemail __ROUNDCUBEPATH__
</IfModule>
# AddDefaultCharset UTF-8
AddType text/x-component .htc
<Directory __ROUNDCUBEPATH__>
<IfModule mod_version.c>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule mod_access_compat.c>
Order allow,deny
Allow from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order allow,deny
Allow from all
</IfModule>
Options -Indexes +FollowSymLinks
<IfModule mod_php5.c>
php_flag display_errors Off
php_flag log_errors On
#php_value error_log logs/errors
php_value upload_max_filesize 5M
php_value post_max_size 6M
php_value memory_limit 64M
php_flag register_globals Off
php_flag zlib.output_compression Off
php_flag magic_quotes_gpc Off
php_flag magic_quotes_runtime Off
php_flag zend.ze1_compatibility_mode Off
php_flag suhosin.session.encrypt Off
#php_value session.cookie_path /
php_flag session.auto_start Off
php_value session.gc_maxlifetime 21600
php_value session.gc_divisor 500
php_value session.gc_probability 1
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^favicon\.ico$ skins/larry/images/favicon.ico
# security rules:
# - deny access to files not containing a dot or starting with a dot
# in all locations except installer directory
RewriteRule ^(?!installer|\.well-known\/|[a-f0-9]{16})(\.?[^\.]+)$ - [F]
# - deny access to some locations
RewriteRule ^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps)) - [F]
# - deny access to some documentation files
RewriteRule /?(README\.md|composer\.json-dist|composer\.json|package\.xml|Dockerfile)$ - [F]
# security rules
</IfModule>
<IfModule mod_deflate.c>
SetOutputFilter DEFLATE
</IfModule>
<IfModule mod_headers.c>
#Header merge Cache-Control public env=!NO_CACHE
</IfModule>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 month"
</IfModule>
FileETag MTime Size
</Directory>
#
# Special directories
#
<Directory __ROUNDCUBEPATH__/bin>
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/config>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/logs>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/migration>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/migrated>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/plugins/enigma/home>
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/program>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule !^js|.*\.gif$ - [F]
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/temp>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
#
# </VirtualHost>
