Have been at this all day and so far not getting to where I'd a liked to have been.
Running pretty much the latest version of everything as just building a new server to move off IIS/IISNode.
I have nginx installed and some conf going that serves only my main index file from a sub dir of /vra/www/. However it does not load any assets or sub-dir pages.
If I call the assets directly, using lowercase URL it returns 404 but uppercase URLs where needed work fine.
My conf example can be seen here: pastebin.com/a12TqP6w
What all think in the webroot folder. I think it has only one directory html your codes are put in the html directory there is no stuff in the mentioned directory /var/www/dev.fishpal.com. change your configuration accordingly where is web content is placed.
Replace with this one.
root /var/www/dev.fishpal.com/html;
or put your codes and stuff in the following directory.
root /var/www/dev.fishpal.com;
Needed to drop some extra things I had inside my conf file
Related
I took over a website which I'm supposed to admin and somebody brought to my attention that certain Indexes and Files are available, which shouldn't be. I will be using dummy names.
You were able to access example.com/intern before, but I changed a line in /etc/apache2/apache2.conf according to this https://stackoverflow.com/a/31445273 . This worked partly, as I get a 403-Forbidden when I now navigate to example.com/intern and that's basically what I want.
However the directory intern governs a file called file.php.bak aswell as file.php. When I navigate to example.com/intern/file.php I get a white website. I am however not sure, if you are able to access file.php in another way, because the site does load and I don't get a 403 like before. What is way worse and the reason I am struggling with this is: If I go to example.com/intern/file.php.bak then my Browser (Firefox) offers me to download file.php.bak, which I can read in plaintext. I want all files in intern to not be accessible via the website, but I have no idea how to do this. Can anybody help?
Things I've tried:
Removing the Indexes from the apache2.conf file like mentioned above. It only puts the 403 on the directory itself and not recursively for all the files in it.
Writing a .htaccess file as described here: https://fedingo.com/how-to-prevent-direct-file-download-in-apache-server/ and putting it in intern with the same result as in 1)
Putting an empty index.html file in the intern directory. This leads to no more 403 in example.com/intern, but the download on example.com/intern/file.php.bak is still possible. I've also tried index.php with the same result.
File System:
The application runs from /var/www/application which is also the folder for the /var/www/application/index.php I want to use. The /var/www/application/intern directory is also there. While it isn't browsable anymore, the files in it still are accessible. /var/www/application/intern/file.php can be navigated to via example.com/intern/file.php, but it seems like it can't be downloaded or read as it results in a white page. /var/www/application/intern/file.php.bak can however be downloaded via example.com/intern/file.php.bak.
Let's say Apache document root is set to DocumentRoot "/folder_one/folder_two"
Placing files in a folder_one will prevent people browsing your apache server and requesting the files directly.
Place index file in folder_two and include some code such as PHP to tell apache to include whatever files you want from folder_one.
In this manor Apache will still be able to serve whatever files you want from folder_one and people will not be able to request the files directly as the are located in a directory above the Apache document root.
So I have this Ember.js project, using node for a back-end. I am trying to add a .htaccess file so i can set exparation headers for my css,js etc. I tried putting it in the root folder of the Ember project but it does not get detected. I have a robots.txt file in the same place and it is detected fine.
I am also using Apache to redirect the domain to work with my node backend. I dont think this should be a problem as the robots.txt file is still detected this way.
Where is the best place to put the .htaccess file or is there an another soloutin to do the same thing that works with Ember?
I recently found the use of a .htaccess file to edit the URL of my webpages. This is done with mod_rewrite (Apache). I use XAMPP and the working files are inside of the appropriate htdocs folder. While in the local directory, the .htaccess file does the job and it edits the URL. I have a domain name that I've been working on and periodically update the working files to that. When I upload these files to the domain through FTP, the .htaccess file doesn't work correctly, as you can imagine since Apache modules have no way of working on a web directory. So my question is, how do I make a .htaccess file work in a web directory without Apache's mod_rewrite module?
Your question is not sufficiently clear. URL rewriting won't work if you're just accessing the static files (i.e. file:///home/user/www/index.html) rather than going through the Apache server (http://localhost/~user/index.html) since Apache will never process the request.
Perhaps your .htaccess file is not being uploaded properly? Some programs will complain a bit when you try to upload strangely named files, such as those beginning with a period.
How do I customize the list that web server does in absence of index.* file in the web root or its child directory, if we do not put any index files in the web root directory and the directory has the read permission?
you can set the page to show for a directory url with the index directive, it doesn't need to point to something called index.*, might just as well be whatever.html. See http://nginx.org/en/docs/http/ngx_http_index_module.html#index for details
or you can set autoindex on to give a generated file/directory listing, you can use the autoindex_exact_size and autoindex_localtime to further customize that listing. See http://nginx.org/en/docs/http/ngx_http_autoindex_module.html for details
3th option, if your nginx is compiled with it, is the random_index, see http://nginx.org/en/docs/http/ngx_http_random_index_module.html for details.
NOTE: to find out if your nginx is compiled with the needed --with-http_random_index_module option use the command nginx -V
Well, it depends on what webserver you are using.
In case of Apache, direcory indexes handled by a module called mod_autoindex.
When you want to customize the directory listing, then you have to know that Apache need three 'view' files:
The Header — by default automatically generated by Apache The
Directory Listing — necessarily generated by Apache
The Footer — referred to as the “Readme” file
The Header and Footer parts are basically written in plain HTML. The directory listing is generated by Apache but you can apply CSS on it..
The whole thing is a rather long story, so what I can suggest is a well written article with the details about this 'directory listing customisation':
Better Default Directory Views with .htaccess
I am using Apache server. Usually when I want to start a new website project, I created a new folder inside my server directory and inside that folder I would have 'index.html or index.php'. When I direct my localhost URL to that folder, it would open it and automatically display index.php.
Now I am trying something new with this CakePHP framework. I finished setting it up, and when I direct my localhost URL to folder 'cakephp-cakephp' (folder containing all the cakePHP files), it then shows me this message:
Release Notes for CakePHP 2.0.0-dev.
Your tmp directory is writable.
The FileEngine is being used for caching. To change the config edit APP/config/core.php
Your database configuration file is present.
I think the next step here is to start the development by saving all my files to "app" folder. But the message is not gone even when I deleted the default index.php files from inside the folder 'cakephp-cakephp'. It seems anyway, the index.php files do not actually generate the message.
Does anybody know what file generates that release notes message? I want to delete that file so that I wont get the message (which I believe is triggered by some default file like 'index.php') when I access folder 'cakephp-cakephp', and then it will show me the file directory inside that folder instead, and I can traverse file directory easily using my browser and access my app folder, in which I am planning to store my index.php file, and save all my development files..
You cannot delete the index.php files and you usually don't modify those files unless you need to do some special configuration. Adding the file app/views/pages/home.ctp gets rid of that message and becomes your default home page.
Also, as stated in the comments, you should really read the manual and try the tutorial.
http://book.cakephp.org