summaryrefslogtreecommitdiffstats
path: root/roundcubemail-README.rpm
diff options
context:
space:
mode:
authorRemi Collet <fedora@famillecollet.com>2014-07-22 11:45:02 +0200
committerRemi Collet <fedora@famillecollet.com>2014-07-22 11:45:02 +0200
commited3612eb19836359e752c8d0dbce143f09ada702 (patch)
tree29011eae1e1dd25b006f9b9cb714eca50e95fc01 /roundcubemail-README.rpm
parentdfc5e7a4d63c31b9ed2cfccc471e93b2bb50ade7 (diff)
roundcubemail 1.0.2
Diffstat (limited to 'roundcubemail-README.rpm')
-rw-r--r--roundcubemail-README.rpm43
1 files changed, 26 insertions, 17 deletions
diff --git a/roundcubemail-README.rpm b/roundcubemail-README.rpm
index a894cb7..945c3e3 100644
--- a/roundcubemail-README.rpm
+++ b/roundcubemail-README.rpm
@@ -13,20 +13,29 @@ there is no need to protect them.
The installer is available at http://localhost/roundcubemail/installer
-
-Access is only authorized from the server, locally.
-You can allow access for installation, but remember to secure it
-again once configured (upstream recommend to drop the directory).
-
-The Webmail is available at http://localhost/roundcubemail
-
-You can grant permission once configured.
-
-Set /etc/httpd/conf.d/roundcubemail.conf
-
-
-WARNING: when upgrading from < 1.0 the old configuration files named main.inc.php
-and db.inc.php are now deprecated and should be replaced with one single config.inc.php file.
-Run the ./bin/update.sh script to get this conversion done or manually merge the files.
-
-NOTE: the new config.inc.php should only contain options that differ from the ones listed in defaults.inc.php.
+The webmail is available at http://localhost/roundcubemail
+
+By default, access to Roundcube and the installer is only allowed from the
+server, locally, in /etc/httpd/conf.d/roundcubemail.conf . Best practice is
+to create a new file - e.g. /etc/httpd/conf.d/z-roundcubemail-allow.conf -
+to adjust the access permissions. You can also edit roundcubemail.conf directly,
+but then any changes to it in future package updates will cause the creation
+of a .rpmnew file, and you will have to merge the changes manually: creating
+a new config file to configure access permissions avoids that.
+
+First use the installer to configure Roundcube, ideally from the server so you
+do not need to allow any wider access to the installer, but you can use a new
+config file to grant wider access to /usr/share/roundcubemail and
+/usr/share/roundcubemail/installer if necessary. Once you have completed
+deployment, you should restrict access to the /installer subdirectory again, as
+an attacker could use it to do anything they liked to your Roundcube
+installation.
+
+UPGRADING: when upgrading from < 1.0 the old configuration files named
+main.inc.php and db.inc.php are now deprecated and should be replaced with one
+single config.inc.php file. Run the /usr/share/roundcube/bin/update.sh script
+as root to get this conversion done or manually merge the files. The update
+script will also update the database configuration.
+
+NOTE: the new config.inc.php should only contain options that differ from the
+ones listed in defaults.inc.php.