4

So I have trac running on my debian server with the VirtualHost file looking like:

...
WSGIScriptAlias / /srv/domain/trac.wsgi
WSGIScriptReloading On

<Directory /srv/domain/tracprojects>
  WSGIApplicationGroup %{GLOBAL}
  Order deny,allow
  Deny from all
</Directory>
...

I thought this might deny access to everyone (which I wanted to do to test that this would work). Unfortunatley this didn't affect the setup although the trac application still runs.

Is there something I need to put in my wsgi file to restrict access instead of in my virtual host file?

ingh.am
  • 273
  • 3
  • 15

1 Answers1

2

You should have used:

WSGIScriptAlias / /srv/domain/trac.wsgi

<Directory /srv/domain/>
  WSGIApplicationGroup %{GLOBAL}
  Order deny,allow
  Deny from all
</Directory>

That may stop other stuff as well below that directory though, so use instead:

WSGIScriptAlias / /srv/domain/trac.wsgi

<Directory /srv/domain/tracprojects>
  WSGIApplicationGroup %{GLOBAL}
  Order deny,allow
  <Files trac.wsgi>
  Deny from all
  </Files>
</Directory>

BTW, you don't need WSGIScriptReloading.

Also make sure you read:

Using daemon mode would be prefered.

General setup instructions for Trac at:

Graham Dumpleton
  • 6,090
  • 2
  • 21
  • 19
  • Hi thanks, sorry the WSGIScriptReloading was a throwback from my flask setup (I copied the virtualhost file...), anyway I've removed that now. – ingh.am Dec 22 '12 at 23:22