Apache httpd 2.4 allow /location access from multiple specific IPs - apache

I am running Apache web server 2.4 and am trying to enable the server-status mod and page. I have the following in the bottom of the apache2.conf:
ExtendedStatus on
<Location /server-status>
SetHandler server-status
Require ip 127.0.0.1
When I then do "curl http://127.0.0.1/server-status" I get the customized 404 error and a bunch of html that are apparently served from one of the few virtual hosts running on this server.
What is the deciding factor that says which virtual host will serve the requests coming to the server by either internal or external ip address? Why is the location directive from apache2.conf not taking precedence?
I have tried adding Require ip xx.xx.xx.xx inside the location directive multiple times, each time using either localhost, 127.0.0.1, or my client ip address. It does not seem to want to serve properly.

Related

Apache httpd.conf VirtualHost: Attach to the same IP but different port (non standard)

I have a webserver with 2 domains (already attached to a folder), I want my global server configuration, which basically using "/var/www/html" as default document root, to have ANOTHER folder for ANOTHER user, based on just different port (I have read that it is possible in Apache site).
Follow is the cite from apache site:
Each Virtual Host must correspond to a different IP address, different port number, or a different host name for the server, in the former case the server machine must be configured to accept IP packets for multiple addresses. (If the machine does not have multiple network interfaces, then this can be accomplished with the ifconfig alias command -- if your OS supports it).
So my IP is XX.XX.XX.XX and server configuration has the line "listen 443" (I am running by default on https), I did the following:
listen 19758 https
<VirtualHost XX.XX.XX.XX:19785>
ServerName XX.XX.XX.XX:19785
DocumentRoot "/the/path/to/the/user/directory/public_html"
<Directory "/the/path/to/the/user/directory/public_html">
AllowOverride none
Options SymLinksIfOwnerMatch
Require all granted
</Directory>
<IfModule mpm_itk.c>
AssignUserID EFX EFX
</IfModule>
</VirtualHost>
I opened the port in the iptables, and made sure it is opened.
However: When I open the browser and typing "XX.XX.XX.XX:19785", it just timeouts without giving me the page (index.htm) that sits in the desired directory.
Note: This user has no associated domain, and will never has one.
The server is running with 2 other domains that have associated folders, I don't want to mix with them.
What I am doing wrong?
The main idea is to be able to enter from the browser to that directory as that user, and not as "nobody" (the default user of the server in the configuration file).
Thanks a lot for help.

Accessing local host from another machine

I have seen many answers on this with what would appear to be simple solutions, none of which are working for me at this time.
I have WAMP install with Apache 2.4.33 32bit installed on a PC. I can access the site on that PC without a problem using the alias mySite.local.
The PC's host file looks like this
127.0.0.1 mySite.local
The remote lap top's host file is
192.168.1.114 mySite.local
That is the IP of the PC on the network.
httpd.conf
Listen 80
ServerName mySite.local:80
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "H:/Intranet/mySite_v2_www/public"
httpd-vhosts.conf
<VirtualHost *:80>
ServerName mySite.local
DocumentRoot "H:/Intranet/mySite_v2_www/public"
</VirtualHost>
I have tried disabling the windows firewall and virus checker on the PC.
The laptop appears to be getting there but being blocked. The message is..
Forbidden
You don't have permission to access / on this server.
Apache/2.4.33 (Win32) PHP/7.2.4 Server at mySite.local Port 80
So it looks like it can see Apache but is being blocked. So what else needs to be set to get access to the server?
Here are two of the links that I have been following to try and get this to work
Error message "Forbidden You don't have permission to access / on this server"
and
How do I connect to this localhost from another computer on the same network?
Thanks for any direction you can provide.
To complement the answer of Paul Neale:
Forbidden You don't have permission to access / on this server. Apache/2.4.33 (Win32) PHP/7.2.4 Server at mySite.local Port 80
That message is an answer from Apache. Disabling the windows firewall and virus checker on the PC won't have any effect, you are already reaching Apache there is not any networking problem.
Apache is receiving your request to access the root folder "public":
H:/Intranet/mySite_v2_www/public
But denies the request because, the directive Require local is enabled. This directive means, you can access to the content of public from the local server (localhost), which is the same to say 127.0.0.0 or localhost.
What you wanted is to tell apache that allows the access of certain IP address to the root directory "public".
When you changed the directive to Require all granted you are telling apache that, no matter who asks, give it access to / (root folder) in other words "public".
So, what you was searching for is "Access Control" in apache, and the directive Require can be used with IP address, here's the main document from Apache, this is an example:
Require host address
Require ip ip.address
It's important to differentiate between Network//Permissions problems. If you want to know if you are able to communicate (At network level) with Apache, you could do:
telnet <IP_APACHE_SERVER> <PORT_APACHE_SERVER>
#example: telnet 172.10.10.2 80
So after playing around will combinations for a day I found that in the httpd.conf I needed to change Require local to Require all granted in the section.
<Directory "H:/Intranet/mySite_v2_www/public/">
Options +Indexes +FollowSymLinks +Multiviews
AllowOverride all
# onlineoffline tag - don't remove
# Require local
Require all granted
</Directory>

Why Require directive does not work properly on Apache?

I have a virtual machine with Virtualbox in which I installed Ubuntu 14.04 and Apache. I am trying that only my host machine could access to this resource with Require directive.
I know that the connection between the virtual machine and the host machine it is correct because if I put on my host machine browser the url localhost:8080 I can see all the content of the root directory of Apache.
The problems comes when I try to use the directive Require on a directory inside the root directory. I only want that the host machine will have access to that resource so I add to the apache2.conf file these lines:
<Directory /var/www/example/>
Options Indexes FollowSymLinks
AllowOverride None
Require ip (Here the ipv4 of my host machine)
</Directory>
but I do not have access from my host machine to this resource.
What could be the problem?
Thanks in advance!
The VirtualBox NAT configuration you are using is causing the http request from your host machine to come into your virtual machine via an internal IP rather than the IP you are expecting. You'll need to update the Require directive to use this internal IP. To do this, check your Apache access logs to see the incoming IP when you access the resource. Use that IP in the require directive. You should see a line for each access request with the incoming IP & the resource accessed. You should see a line denying your access request when access is denied.

Laravel Access forbidden on localhost xampp

I just got stuck in the very begining. I have installed laravel and when i run php artisan serv command then this(Laravel development server started on http://localhost:8000/) line appears but when i access it through browser(http://localhost:8000/) then the following error gets displayed.
Access forbidden!
You don't have permission to access the requested object. It is either read-protected or not readable by the server.
If you think this is a server error, please contact the webmaster.
Error 403
localhost
Apache/2.4.18 (Win32) OpenSSL/1.0.2e PHP/7.0.2
Please help me out. Any help would be greatly appreciated. I am beginner in laravel.
Follow the steps below to create a virtual host:
Change to your XAMPP installation directory (typically, C:\xampp) and open the " httpd-vhosts.conf " and " httpd-xampp.conf " files in the apache\conf\extra\ subdirectory using your favourite text editor.
Add these lines into both files with the following directives:
<VirtualHost *:80>
DocumentRoot "C:\Users\Shivam\Desktop\laravel_project\blog"
ServerName blog.dev
<Directory "C:\Users\Shivam\Desktop\laravel_project\blog">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Deny,Allow
Allow from all
Require all granted
</Directory>
</VirtualHost>
This contains two virtual host configuration blocks:
The first block is the default or fallback virtual host, which is used for all requests that are not matched by subsequent blocks.
The second block sets up a virtual host named wordpress.localhost. The DocumentRoot directive specifies the directory to be used when serving requests for this virtual host (in this case, the WordPress installation directory), while the ServerName directive specifies the custom domain name for the virtual host.
To add more virtual hosts, simply duplicate the second virtual host block and modify the port number, DocumentRoot and ServerName directives as per your requirements. For example, if you want to use SSL with your custom domain name, you can add a new virtual host block for port 443.
If you plan to have a large number of virtual hosts with very similar configuration, consider using wildcard-based subdomains with your virtual hosts.
Restart Apache using the XAMPP control panel for your changes to take effect.
At this point, your virtual host is configured. However, if you try browsing to the wordpress.localhost domain, your browser will show a failure notice, since this domain does not exist in reality. To resolve this, it is necessary to map the custom domain to the local IP address. To do this, open the file C:\windows\system32\drivers\etc\hosts and add the following line to it:
127.0.0.1 blog.dev
This takes care of mapping the wordpress.localhost domain name to the local machine, which always has the IP address 127.0.0.1
It seems to me that you already have Apache running on port 8000.
Try running the serve command like this:
php artisan serve --port=9000
After it's running navigate to http://localhost:9000

How to open host address using host name?

I am trying to open my host address using my host name, but I am getting following error:
You can see the host URL above.
Can someone help me to resolve this issue?
As the error states you cannot access it outside you local network. In another words - your apache xampp is configured to accept calls only from 127.0.0.1 or localhost. For xampp this is defined in location match directive for apache look at the following topic, it covers the most common cases. Note however that this might be security issue.
http://www.apachefriends.org/f/viewtopic.php?p=185823
This will provide you more info on how allow and deny can be configured
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow
Something like this should be in your httpd-xampp.conf
<LocationMatch "^/(?i:(?:xampp|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Deny from all
Allow from ::1 127.0.0.0/8 **your.local.ip.address**
ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>