configure apache on webapp server to not allow REST API on same domain
As detailed in iSEC-LEAP_2013-Webapp-02 - we need to configure apache so that the REST API is not available on the same domain as the webapp
(from redmine: created on 2013-08-20, closed on 2013-08-21, relates #3518)