Roundcube Community Forum
Release Support => Pending Issues => Topic started by: cavaughan on September 05, 2018, 07:22:36 PM
-
I see on RC's recommendations for installation that you should prevent the web access to directories like the ./config directory. It implies this is done through the .htaccess file. It looks like it should but it doesn't.
So how best to accomplish this? I've tried changing the user and group on those directories, but that didn't work, so I changed the chmod. But that blocked something so that RC wouldn't even work. So how do I allow certain rights, but no web access?
Thanks for any input!
-
It depends on your web server, not all web server configurations support the .htaccess file. One simple think you can do is to put the main roundcube folder above the web root folder then then use the public_html folder to access the Roundcube core files.
-
Took awhile but finally figured out the setting in Apache to use the .htaccess file.
Thanks!