I'm running Apache 2.4 and am trying to block an IP address from my webserver, it's a Cent OS 8 server and I'm editing my httpd.conf file, but for some reason when trying to block an IP and restart httpd, I get a FAILURE exit code.
What am I missing?
#
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
#
<Directory />
AllowOverride none
Require all denied
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot "/var/www/MY-SITE/dist"
#
# Relax access to content within /var/www.
#
<Directory "/var/www">
AllowOverride None
# Allow open access:
Require all granted
</Directory>
# Further relax access to the default document root:
<Directory "/var/www">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
<RequireAll>
Require all granted
Require not ip X.X.X.X
</RequireAll>
# Header set Access-Control-Allow-Origin "*"
</Directory>
Erorrs I get after simply adding:
Require not ip X.X.X.X
is:
Related
I'm trying to block an IP from my server and prevent them from being able to load my website, I've added their IP to the httpd.conf file and have successfully restarted httpd, but after trying to load the website, I'm still able to access the website, surely I'm not missing something obvious here am I?
What am I doing wrong?
#
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
#
<Directory />
AllowOverride none
Require all denied
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot "/var/www/MY-SITE/dist"
#
# Relax access to content within /var/www.
#
<Directory "/var/www">
AllowOverride None
# Allow open access:
Require all granted
</Directory>
# Further relax access to the default document root:
<Directory "/var/www">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
<RequireAll>
Require all granted
Require not ip X.X.X.X
</RequireAll>
# Header set Access-Control-Allow-Origin "*"
</Directory>
In here
<Directory "/var/www">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
<RequireAll>
Require all granted
Require not ip X.X.X.X
</RequireAll>
# Header set Access-Control-Allow-Origin "*"
you need to change Directory path like this
<Directory "/var/www/MY-SITE/dist">
then try it. thnak you
I want my wamp64 server webpages to can be access globally and not only from my local network.
<Directory />
AllowOverride none
Require all granted
</Directory>
<Directory "C:/wamp64/www/">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit
#
AllowOverride all
#
# Controls who can get stuff from this server.
#
# onlineoffline tag - don't remove
Order allow,deny
Allow from all
Require all granted
</Directory>
Now, if i try to access it from my mobile, there showing an empty (white) page. Same if i put at the url /folder_name
Apache file code here: http://pastebin.com/A7xxiQ6B
This section must never be changed Specially if you are allowing the universe into your site, as this protects the root and all sub folders on the drive that Apache is installed on. Standard process is to block access to EVERYTHING which this does, and then only allow access to those folders APache actually needs access to.
<Directory />
AllowOverride none
Require all granted
</Directory>
Change it back to
<Directory />
AllowOverride none
Require all denied
</Directory>
And in this part you are using Apache 2.2 AND Apache 2.4 syntax which normally gets Apache confused. So remove the Apache 2.2 syntax so it should look like this
# onlineoffline tag - don't remove
Require all granted
Of course you will also need to Port Forward post 80 on your router.
And the PC running WAMPServer will need to be on a static IP address so that that port forwarding always works.
Well, the followings working for me. Figure it out :)
Just add to C:\Windows\System32\drivers\etc\hosts
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost <-- Uncomment this
# ::1 localhost
127.0.0.1 xxxxxx.ddns.net <-- Add here your public IP or your Dynamic DNS name
If you have your httpd.conf as the following
#Listen 12.34.56.78:80
Listen 0.0.0.0:80
Listen [::0]:80
ServerName xxxxx.ddns.net:80
<Directory "C:/wamp64/www/">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit
#
AllowOverride all
#
# Controls who can get stuff from this server.
#
# onlineoffline tag - don't remove
Require all granted
</Directory>
and C:\wamp64\alias\phpmyadmin.conf
<Directory "C:/wamp64/apps/phpmyadmin4.5.2/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require all granted
..............
</Directory>
You will be able (probably) too see your wamp online.
Please note you have to configure your vhosts from localhost\add_vhost.php for your every project (www/folder_name) and change the C:\wamp64\index.php from
$suppress_localhost = true;
to
$suppress_localhost = false;
i trying to reach my webpages out from may local network. but i got error message "forbidden You don't have permission to access /test/ on this server.
Apache/2.4.17 (Win64) PHP/5.6.16 Server at 192.168.1.139 Port 3388"
my httpd.conf:
<Directory "C:/wamp64/www/">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit
#
AllowOverride all
#
# Controls who can get stuff from this server.
#
# onlineoffline tag - don't remove
Require all granted
allow from all
</Directory>
what can i do, i am desperate :(
thanks for the help
Comment line:
# Require local
That's work for me
So I can't access my website from outside for some reason. I've tried the command "ping xxx" from cmd but I get a timeout. I can access the database from outside though. I have port-forwarded 80 and also tried turning off my firewall & allowing port 80 TCP/UDP both in and out.
I can access it locally (from my computer and on the same network)
My httpd.conf looks like this:
<Directory "D:/wamp/www/">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit
#
AllowOverride all
#
# Controls who can get stuff from this server.
#
# onlineoffline tag - don't remove
Order allow,deny
Allow from all
Deny from none
</Directory>
Any ideas of how I can fix this?
Try replacing this Apache 2.2 syntax with Apache 2.4 syntax.
From
Order allow,deny
Allow from all
Deny from none
To
Require all granted
I keep having this access denied error. I'm using apache 2.2.15 on CentOs 6.4.
The server is running with user apache and group apache.
In home, I have a user staging. I added him to the apache group.
Permissions on the docs folder are:
drwxrwx--- 2 staging staging 4096 Oct 4 14:33 docs
I'm testing with an index.html file:
-rw-r--r-- 1 staging staging 13 Oct 4 14:28 index.html
SELinux is disabled. The address I'm using is staging.mysite.com
My httpd.conf looks like this:
<Directory "/home/*/docs">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
I also have a virtual host set to my staging address:
<VirtualHost SERVERIP:80>
ServerName staging.mysite.com
DocumentRoot /home/staging/docs
ServerAdmin staging#mysite.com
CustomLog /home/staging/logs/access_log combined
</VirtualHost>
If you need more info let me know but any idea why it's giving me this error?
Well, as you stated it, the docs folder is only readable by the staging user and the staging group. So the apache user may not read it.
One solution would be to add the apache user to the staging group.
I can fixed the same error:
To Modify at your nagios configuration the options parameter +Indexes and add DirectoryIndex index.php
Maybe show be:
<Directory "/home/*/docs">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options FollowSymLinks +Indexes
DirectoryIndex index.php
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
And, finally restart your apache service.
Check the permission /home/ can be +x and +r, like chmod +rx /home/.