Help

Introduction

The "Security/Resource" directory contains a list of resource settings, each named according to the resources they protect.

Each resource directory contains an "Access" control directory which defines which protocols and which users will be allowed access to that resource.

The list may also contain "Authenticate", "FileInfo" and "Index" items which further specify how to authenticate users, how to categorise files, and how to present files in a directory index respectively.

The "Hook" item in the resource's directory allows for customisation of the processing of the request. It can be used as a very fast and more flexible alternative to the HTTP CGI scripting mechanism, and has the added advantage of being protocol independent so that hooks can be written for protocols such as FTP too.

To specify all resources, a single wildcard "*" resource name is used. Resource names can contain the special characters " " (space) and "/" (slash) but not double quotes.

Resource Types

The following resource types are allowed, with examples to illustrate:

TypeExampleExplanation
Disk e: Specifies all files and directories on the E drive.
Directory e:/pub/ Specifies all files and directories underneath the pub directory on the E drive.
/pub/ Specifies all files and directories underneath the pub directory on any drive.
File *.htm* Specifies all files with an extension starting with htm, regardless of the drive or directory.
*/public/ok* Specifies all files that start with the letters "ok" and which reside in a directory named "public", regardless of which drive and what level in the disk directory hierarchy.

Pattern Matching for Protocols and Users

If multiple patterns are listed, all the patterns are consulted before a final allow/deny decision is made. To shortcut this process and stop the decision making after a specified pattern, set the special "Stop" variable to TRUE. For example:

stop users=joe hosts=12.34.56.78
users= hosts=12.34.
negate users= hosts=12.34.56.78

would allow "joe" access from the IP address "12.34.56.78", but deny everybody else from that IP address, while allowing all users access from the IP address set "12.34.*.*" so long as they are not at the IP address "12.34.56.78". If the "Stop" had not been used on the first pattern, then the first pattern would have been ignored because it would have been overridden by the final pattern.

Administration and Configuration

There is a special sub-directory of the document root which contains the various screens necessary for the administration and configuration utilities. It is very important that this resource is defined and has server-side includes set, otherwise you will not be able to reconfigure your server.

If you start the server without any configuration file, it will automatically create the necessary resources, templates and user databases to allow you to operate the server.

Config:/Security/Resource/*/

SettingExplanationDefault /
Example
Data
Type
Access
R,W,A,D
Override Set to FALSE to disregard any subsequent rules that match this resource. This is equivalent to setting all the other "Override" variables to FALSE.

Set to TRUE and selectively enable the other "Override" variables if you wish to allow subsequent rules to modify the security specification found in this rule.

Yes IntegerR,W
OverrideAuthenticate Set to TRUE to allow overrides of Authenticate/ variables in subsequent rules. Yes IntegerR,W
OverrideFileInfo Set to TRUE to allow overrides of FileInfo/ variables in subsequent rules. Yes IntegerR,W
OverrideHook Set to TRUE to allow overrides of Hook/ variables in subsequent rules. Yes IntegerR,W
OverrideIndex Set to TRUE to allow overrides of Index/ variables in subsequent rules. Yes IntegerR,W
OverrideAccess Set to TRUE to allow overrides of Access/ variables in subsequent rules. Yes IntegerR,W
Template The name of the template to apply instead of the settings in this directory and its sub-directories. Templates are found under the Security/Template directory.

If you have a set of security settings that you have already defined for a resource, but wish to use for other resources, you can either copy those settings to each of the resources, or set up a template by copying the settings to the "Security/Template" directory and then simply naming the template in each of the "Security/Resource" definitions. This means that any change to the template will be automatically propagated to each of the resources that refer to it.

If you wish to selectively apply settings from several templates, leave this variable empty and set the individual "TemplateXX" variables.

Default TextR,W
TemplateAuthenticate Use the given template's Authenticate/ variables. (none) TextR,W
TemplateFileInfo Use the given template's FileInfo/ variables, excluding the sub-directories containing the MIME definitions. (none) TextR,W
TemplateFileInfoLists Use the given template's FileInfo/*/ sub-directories which specify MIME types but don't use the top-level variables specifying the Welcome page, etc. (none) TextR,W
TemplateHook Use the given template's Hook/ variables. (none) TextR,W
TemplateIndex Use the given template's Index/ variables, excluding the file pattern lists for items such as descriptions, attaching icons, etc. (none) TextR,W
TemplateIndexLists Use the given template's Index/*/ sub-directories for items such as descriptions, attaching icons, etc, but don't use the top-level variables specifying the Readme file, etc. (none) TextR,W
TemplateAccess Use the given template's Access/ variables. (none) TextR,W