46 lines
1.5 KiB
Plaintext
46 lines
1.5 KiB
Plaintext
# The Zoneminder web interface has been disabled by default due to a small
|
|
# security issue in the default install.
|
|
#
|
|
# When using Zoneminder's own authentication, recorded CCTV images are
|
|
# accessible from the web directly without passing the authentication. This
|
|
# means any attacker could see your CCTV images without a password. In order
|
|
# to avoid this you can disable Zoneminder's authentication and configure
|
|
# standard Apache authentication (see the Apache documentation for details on
|
|
# this).
|
|
#
|
|
# If you still wish to use Zoneminder's own authentication, or have an
|
|
# internal site which needs no authentication, you need to delete the line
|
|
# marked below and restart Apache.
|
|
|
|
Alias /zm "/usr/share/zoneminder/www"
|
|
<Directory "/usr/share/zoneminder/www">
|
|
Options -Indexes +MultiViews +FollowSymLinks
|
|
AllowOverride All
|
|
<IfModule mod_authz_core.c>
|
|
# Apache 2.4
|
|
Require all granted
|
|
</IfModule>
|
|
<IfModule !mod_authz_core.c>
|
|
# Apache 2.2
|
|
Order deny,allow
|
|
Allow from all
|
|
</IfModule>
|
|
# The code unfortunately uses short tags in many places
|
|
php_value short_open_tag 1
|
|
</Directory>
|
|
|
|
ScriptAlias /cgi-bin/zm "/usr/libexec/zoneminder/cgi-bin"
|
|
<Directory "/usr/libexec/zoneminder/cgi-bin">
|
|
AllowOverride All
|
|
Options +ExecCGI +FollowSymLinks
|
|
<IfModule mod_authz_core.c>
|
|
# Apache 2.4
|
|
Require all granted
|
|
</IfModule>
|
|
<IfModule !mod_authz_core.c>
|
|
# Apache 2.2
|
|
Order deny,allow
|
|
Allow from all
|
|
</IfModule>
|
|
</Directory>
|