From 54785c3b56a3946682fc47e3f5d3a1de1be99308 Mon Sep 17 00:00:00 2001
From: Alex Dehnert <alex@dehnerts.com>
Date: Thu, 16 Aug 2018 04:11:16 -0400
Subject: [PATCH] Require HTTP auth to access roundcube

Perhaps this will serve as an extra layer of protection against any
vulnerabilities in Roundcube.
---
 htgroups             | 1 +
 sites-common/default | 7 +++++++
 2 files changed, 8 insertions(+)

diff --git a/htgroups b/htgroups
index 7befaa4..6ceae1d 100644
--- a/htgroups
+++ b/htgroups
@@ -1 +1,2 @@
 logs: alex
+roundcube: alex
diff --git a/sites-common/default b/sites-common/default
index febad9a..ac775b3 100644
--- a/sites-common/default
+++ b/sites-common/default
@@ -24,6 +24,13 @@ ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
 
 Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/
 Alias /roundcube /var/lib/roundcube
+<Directory "/var/lib/roundcube">
+	AuthUserFile  /etc/apache2/htdigest
+	AuthGroupFile /etc/apache2/htgroups
+	AuthName "Secure"
+	AuthType Digest
+	Require group roundcube
+</Directory>
 
 ErrorLog ${APACHE_LOG_DIR}/error.olinda.log
 
-- 
2.34.1