# This is a basic apache config file that can be configured to control access to specific areas of Ensemble and phpMyAdmin


<Directory /var/www/html/phpMyAdmin>
	#Redirect any http traffic to https (SSL Connection)
	RewriteEngine On  
	Options +FollowSymlinks
	RewriteCond %{SERVER_PORT} !^443$
	RewriteRule ^(.*)$ https://%{SERVER_NAME}/phpMyAdmin/$1 [R,L]  
	Order Allow,Deny
	Allow from All
</Directory>

#require SSL for ensemble directories
<Directory ~ "^/var/www/.*/(ensemble|ensemble_dev)">
	#Redirect any http traffic to https (SSL Connection)
 	RewriteEngine On
	Options +FollowSymlinks
        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
        Options +ExecCGI
        Order Allow,Deny
        Allow from All
</Directory>

#This section can be used to restrict admin access to only specific domains or subnets
<Directory ~ "^/var/www/.*/(ensemble|ensemble_dev)/admin">
	Options +ExecCGI
	#Order Deny,Allow
	#Deny from All
	#Allow from X.X.X.X
</Directory>

#admin/external directory is generally not protected
<Directory ~ "^/var/www/.*/(ensemble|ensemble_dev)/admin/external">
	Options +ExecCGI
	Order Allow,Deny
	Allow from All
</Directory>