ledgersmb-httpd-2.0-2.2.conf.template

# This file must be edited to substitute the current path with WORKING_DIR

Alias /ledgersmb WORKING_DIR/

<Directory WORKING_DIR>

  # Rewrite rule to allow HTTP Authorization information to the scripts only
  # from this directory.
  RewriteEngine On

  # Redirect the /ledgersmb and /ledgersmb/ URL paths to
  # the true login script: /ledgersmb/login.pl
  RewriteRule ^/ledgersmb/?$ /ledgersmb/login.pl [R]

  # Indicate that the HTTP Authorization data should be passed
  # to the CGI scripts running from this directory
  RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]


  AllowOverride All
  AddHandler cgi-script .pl
  Options ExecCGI Includes FollowSymlinks

  # By default, only allow from localhost.  If you change this, please be
  # advised that you should use SSL protection on any and all network
  # connections that access this application in order to protect usernames and
  # passwords.
  Order Deny,Allow
  Allow from 127.0.0.1
  Allow from localhost
  Deny from All

  # The rest of this file just tightens up security.
  <Files ~ "\.conf$">
    Order Deny,Allow
    Deny from All
  </Files>
</Directory>

<Directory WORKING_DIR/rest>
   RewriteEngine On
   RewriteBase /ledgersmb/rest/
   RewriteRule .* ../rest-handler.pl
</Directory>

<Directory WORKING_DIR/users>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory WORKING_DIR/bin>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory WORKING_DIR/utils>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory WORKING_DIR/spool>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory WORKING_DIR/templates>
  Order Deny,Allow
  Deny from All
</Directory>

<Directory WORKING_DIR/LedgerSMB>
  Order Deny,Allow
  Deny from All
</Directory>

#to avoid 'Directory index forbidden by Options directive' , i had to code follwoing with trailing slash ,tshvr4
<Directory WORKING_DIR/css/>
   Options Indexes FollowSymLinks
   Order Deny,Allow
   Allow from All
</Directory>