Previously I used the IIS server as PHP server. Currently, it is the apache.
On IIS I could access to the variable $_SERVER ['REMOTE_USER'] which returns the username and domain (eg domain\user) but after installing XAMPP this variable is not available.
What I should do to get this variable get again?
My app is on local network with no-internet connection
Finally got it to works! :D
Download the module from here https://www.apachehaus.net/modules/mod_authnz_sspi/ (x86 for 32 bit and x64 for 64 bit apache)
Copy the mod_authnz_sspi.so from Apache24\modules folder and place it in the modules folder of your Apache folder on your webserver
Under the httpd.conf file (Config file for your apache) place this line of code. Try to load this as the last module:
LoadModule authnz_sspi_module modules/mod_authnz_sspi.so
Make sure that the following modules are uncommented
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_core_module modules/mod_authz_core.so
PS: both the above modules are required for this to work.
Place the following code in your httpd.conf file
<Directory "path/to/your/htcdocs/folder">
Options None
AllowOverride All
Order allow,deny
Allow from all
#AuthName "SSPI Protected Place"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIOfferBasic On
SSPIOmitDomain On
Require valid-user
</Directory>
Restart your apache servive and hopefully it should restart without any issues.
Now in order to recognise the user , use the following code on a php page
echo $_SERVER['PHP_AUTH_USER'];
That's all.
I'm using:
XAMPP Control Panel 3.2.1
APACHE 2.4
<Directory "path/to/your/htcdocs/folder">
Options None
AllowOverride All
Order allow,deny
Allow from all
#AuthName "SSPI Protected Place"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIOfferBasic On
SSPIOmitDomain On
Require valid-user
</Directory>
If you use ModRewrite or other I suggest you to keep
Options Indexes FollowSymLinks Includes ExecCGI
otherwise you'll get an error like
[rewrite:error]: Options FollowSymLinks and SymLinksIfOwnerMatch are both off, so the RewriteRule directive is also forbidden due to its similar ability to circumvent directory restrictions
You can only access the remote user if Apache has actually authenticated the user, check the apache auth howto.
I battled with this for a long time, it turned out that I had to install VC redistributable to make it work.
I have CentOS 6.1 server and I installed apache 2.2.15 on it.
Now When I try to access it from another pc (windows 7) from IE (http:/// (=centos ip)) I get the "You don't have permission to access / on this server." error. I even created phpinfo.php file with content of "" on "var/www/html" and when I try to access it by using "http://*/phpinfo.php" in IE, I get not found error. What should I do?
my httpd.conf for directiry is like this:
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Edit httpd.conf file, which is in /etc/httpd/conf/httpd.conf. Add the below code.
<Directory "/">
#Options FollowSymLinks
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride None
Allow from all
</Directory>
<Directory "/home/">
#Options FollowSymLinks
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride None
Allow from all
</Directory>
After the line no. 555 (in my case) . Check for the file permissions and restart the server.
service httpd restart
Now, it will work . Still you are facing the same problem, disable the seLinux in /etc/selinux/config change SELINUX=disabled and restart the server as mentioned above and try it.
Hope this helps
Set SELinux in Permissive Mode using the command below:
setenforce 0;
Check file permissions of the /var/www/html and the ALLOW directive in your apache conf
Make sure all files are readable by the webserver and the allow directive is like
<Directory "/var/www/html">
Order allow,deny
Allow from all
</Directory>
if you can see files then consider sorting the directive to be more restrictive
Fist check that apache is running. service httpd restart for restarting
CentOS 6 comes with SELinux activated, so, either change the policy or disabled it by editing /etc/sysconfig/selinux setting SELINUX=disabled. Then restart
Then check locally (from centos) if apache is working.
Try to use the following:
chmod +rx /home/*
If you set SELinux in permissive mode (command setenforce 0) and it works (worked for me) then you can run restorecon (sudo restorecon -Rv /var/www/html/) which set the correct context to the files in Apache directory permanently because setenforce is temporal. The context for Apache is httpd_sys_content_t and you can verify it running the command ls -Z /var/www/html/ that outputs something like:
-rwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 index.html
In case the file does not have the right context, appear something like this:
drwxr-xr-x. root root unconfined_u:object_r:user_home_t:s0 tests
Hope it can help you.
PD: excuse me my English
Create index.html or index.php file in root directory (in your case - /var/www/html, as #jabaldonedo mentioned)
Right click your www folder and click on properties. Navigate to permissions and change all to read and write then click on "Apply permission to enclosed files" and your are done!!
Maybe its too late but this will definitely help some other person
Check the apache User and Group setting in the httpd.conf. It should default to apache on AMI/RedHat or www-data on Debian.
grep '^Group\|^User' /etc/httpd/conf/httpd.conf
Then add the apache user to the group setting of your site's root directory.
sudo usermod -a -G <your-site-root-dir-group> apache
try to edit httpd.conf
<Directory "/usr/local/www/apache24/cgi-bin">
Options Indexes FollowSymLinks Includes ExecCGI
Require all granted
</Directory>
For CentOS 8 your /etc/httpd/conf.d/awstats.conf file needs to look like this and you need to stick in your IP address and restart your httpd service unless you want to whole world to have access to it!
#
# Directives to add to your Apache conf file to allow use of AWStats as a CGI.
# Note that path "/usr/share/awstats/" must reflect your AWStats install path.
#
Alias /awstatsclasses "/usr/share/awstats/wwwroot/classes/"
Alias /awstatscss "/usr/share/awstats/wwwroot/css/"
Alias /awstatsicons "/usr/share/awstats/wwwroot/icon/"
ScriptAlias /awstats/ "/usr/share/awstats/wwwroot/cgi-bin/"
#
# This is to permit URL access to scripts/files in AWStats directory.
#
<Directory "/usr/share/awstats/wwwroot">
Options None
AllowOverride None
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Require <Your IP Address here>
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Allow from <Your IP address here>
Allow from ::1
</IfModule>
</Directory>
# Additional Perl modules
<IfModule mod_env.c>
SetEnv PERL5LIB /usr/share/awstats/lib:/usr/share/awstats/plugins
</IfModule>
Remember that if you IP address changes you need to update the file and restart the httpd server. BTW you can see your ip address as it looks from the outside by simply googling "my ip"
Set required all granted in /etc/httpd/conf/httpd.conf
I've gone through the Apache guide to enable to mod_info.
As per doc:
To configure mod_info, add the following to your httpd.conf file.
<Location /server-info>
SetHandler server-info
</Location>
You may wish to use mod_access inside the <Location> directive to limit access to your server configuration information:
<Location /server-info>
SetHandler server-info
Order deny,allow
Deny from all
Allow from yourcompany.com
</Location>
Once configured, the server information is obtained by accessing
http://your.host.dom/server-info
In my case this link is not giving any info. Is there anything I need to install as mod_info.c or something? Is there anything I need to put as AddModule or something?
There should be a mod_info.so that must be on a path Apache 2 can find. For example, I have:
kdp#darwin ccl $ locate mod_info.so
/usr/lib64/apache2/modules/mod_info.so
Then, I have these in my httpd.conf:
ServerRoot "/usr/lib64/apache2"
LoadModule info_module modules/mod_info.so
This is made available by a snippet in /etc/apache2/modules.d/00_mod_info.conf:
<IfDefine INFO>
# Allow remote server configuration reports, with the URL of
# http://servername/server-info
<Location /server-info>
SetHandler server-info
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
</IfDefine>
(The IfDefine is only needed because of the way stuff is set up on Gentoo.)
Check if info_module is loaded.
% /usr/local/sbin/httpd -t -D DUMP_MODULES | grep info_module
If it is not loaded, add following line to httpd.conf. Note that path/to must be replaced with appropriate path.
LoadModule info_module path/to/mod_info.so
I got the solution.
When I check ./apachectl -l, mod_info has not been installed.
To install the Mod_info or any module, First Compile and install Apache by ./configure --enable-info make make install
More info for install module : http://publib.boulder.ibm.com/httpserv/manual60/install.html
Check ./apachectl -l, mod_info would be there in the list
Enable server-info by updating httpd.conf
invoke url http://your.host.dom/server-info
One thing I am not sure why apache mod_info not installed default installation.
I am new to WAMP and I have just installed it today.
The setup went well and localhost seems to work, but when I try to access phpMyAdmin I get this error:
Forbidden
You don't have permission to access /phpmyadmin/ on this server.
Why do I get this permission access error with phpMyAdmin?
I am using Windows 7.
Change the file content of c:\wamp\alias\phpmyadmin.conf to the following.
Note: You should set the Allow Directive to allow from your local machine for security purposes. The directive Allow from all is insecure and should be limited to your local machine.
<Directory "c:/wamp/apps/phpmyadmin3.4.5/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Deny,Allow
Allow from all
</Directory>
Here my WAMP installation is in the c:\wamp folder. Change it according to your installation.
Previously, it was like this:
<Directory "c:/wamp/apps/phpmyadmin3.4.5/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Directory>
Modern versions of Apache 2.2 and up will look for a IPv6 loopback instead of a IPv4 loopback (your localhost).
The real problem is that wamp is binding to an IPv6 address. The fix:
just add Allow from ::1 - Tiberiu-IonuČ› Stan
<Directory "c:/wamp22/apps/phpmyadmin3.5.1/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Deny,Allow
Deny from all
Allow from localhost 127.0.0.1 ::1
</Directory>
This will allow only the local machine to access local apps for Apache.
Restart your Apache server after making these changes.
You have to just check whether your WAMP server is online or not.
To put your WAMP server online, follow these steps.
Go to your WAMP server notification icon (in the task bar).
Single click on the WAMP server icon.
Select last option from the menu, that is, Put Online
Your server will restart automatically (in the latest versions only). Otherwise, you have to restart your server manually.
And you are DONE...
If you're using WAMP with Apache 2.4.2 or greater, you need to use Require all instead of Allow and remove Order Deny,Allow:
<Directory "f:/Projects/myproject/www/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require all granted
</Directory>
*as stated in this blog post
Just use 127.0.0.1 instead of localhost (no changes to the configuration file are required).
System:
Windows 7
wampserver2.2d-x64
This works:
http://127.0.0.1/phpmyadmin/
This one fails:
http://localhost/phpmyadmin/
I just had the same problem. It turns out that my installation of Windows is using the IPv6 address ::1 instead of 127.0.0.1. To solve this, I opened httpd.conf and changed the following line:
Allow from 127.0.0.1
to:
Allow from 127.0.0.1 ::1
Now I can access the server through localhost. Whatever you do, don't remove the Deny from all from the line above, or anyone on your network can gain access to your web server (unless that's what you want of course).
If you are on Windows 7 or 8 then Apache might be seeing the connections coming from "::1" which is the IPv6 equivalent of 127.0.0.1.
You can check this by looking in the Apache Access Log (reachable from the WAMP menu)
::1 - - [20/Dec/2012:21:35:04 +0000] "GET /phpmyadmin/ HTTP/1.1" 403 213
The ::1 at the start is the clients address. The 403 at the end is the Access Denied code.
The answers above will remove all restrictions and open phpmyadmin to all, but if you still want to restrict phpmyadmin to your machine only (generally a good idea) then under the line...
Allow from 127.0.0.1
..add the following:
Allow from ::1
(edit: Added suggestion from Nukeface)
Change
Listen 80
to
Listen 127.0.0.1:80
in your httpd.conf file. It will bind Apache to a specific IP address and port.
I found that using localhost would not work properly to allow local access from the server. I had to use 127.0.0.1.
In phpmyadmin.conf this did not work:
Deny from all
Allow from localhost
this did work:
Deny from all
Allow from 127.0.0.1
I am using WampServer Version 2.2
For Apache 2.4.2:
In httpd.conf:
Change
Require local
to
Require all granted
I wanted to run my server online and not under localhost / 127.0.0.1 and had the forbidden message. I am running the WAMP 2.2 server (Apache 2.4.2 / PHP 5.4.3 / MySQL 5.5.24) on Windows 7 64 bit. What worked for me is the following:
Press the startup WAMP icon in the menu
Choose Apache folder
Choose the file httpd.conf
Under the Directory tab section (section with "# Online --> Require all granted" text), I had the "Require local" option which I changed to "Require all granted"
Restart all services of the WAMP
Again, it worked for me and from this thread I understand that there are many cases in which you may get the above error message so if mine does not work, try other solutions.
Good luck.
(I hope it helps someone like it helped me. I did not find any one of the solutions above working for me.)
1.change D:\wamp\bin\apache\apache2.4.9\conf\httpd.conf near line 279
Require local
into
Require all granted
2.change like this in D:\wamp\alias\phpmyadmin.conf from existing one
<Directory "d:/wamp/apps/phpmyadmin4.1.14/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require all granted
Order Deny,Allow
Allow from all
</Directory>
3.Click to Restart All services in wamp.
4.Click put online in wamp.
5.Again Click to Restart All services in wamp.
Hope it Helps..
I fixed that problem before. It can happen due to many reasons, so you can use some or all of the next steps (opening mentioned files using any text editor, like Notepad++).
If you install WAMP in C:\wamp
1- Open file C:\wamp\bin\apache\apache2.2.22\conf\httpd.conf
Note: you may have a different Apache version than Apache 2.2.22, so you need to write it instead.
Search for: Directory "C:/wamp/www/". You will find something similar to this:
<Directory "C:/wamp/www/">
# maybe there is some comments here ...
AllowOverride all
Order Allow,Deny
Allow from all
</Directory>
Be sure that Allow from all is exists and not outcommented.
2- Open file C:\wamp\alias\phpmyadmin.conf.
Make sure that
<Directory "C:/wamp/apps/phpmyadmin3.5.1/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Directory>
Change Allow from 127.0.0.1 to Allow from all.
You can remove Deny from all or comment it out by adding # at the beginning of the line, but you have to make sure that Allow from all is the last line of code just before </Directory>.
Note: you may have a different version than phpMyAdmin 3.5.1.
To use localhost/phpmyadmin instead of 127.0.0.1/phpmyadmin:
Open file C:\wamp\bin\apache\apache2.2.22\conf\extra\httpd-vhosts.conf. Add the following at the end of it.
<VirtualHost *:80>
DocumentRoot "C:/wamp/www"
ServerName localhost
</VirtualHost>
The simple solution to this would be to find phpmyadmin.conf file and then find below code inside it,
<Directory "c:/wamp/apps/phpmyadmin3.5.1/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Directory>
Change "Deny from all" to "Allow from all".
OR
Follow below link to get better understanding on how to do it,
WAMP says Forbidden You don't have permission to access /phpmyadmin/ on this server Windows 7 or 8
Enjoy :)
If WampServer works in the computer it is installed but not on another device in your network (e.g.: from your phone) with the 'You don't have permission to access on this server.' try the following.
1.
Edit the httpd-vhosts.conf (C:\wamp64\bin\apache\apache2.4.33\conf\extra\httpd-vhosts.conf), so it looks like this:
<Directory "${INSTALL_DIR}/www/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
2.
Edit the phpmyadmin.conf (C:\wamp64\alias\phpmyadmin.conf), so it looks like this:
<Directory "d:/wamp64/apps/phpmyadmin4.7.9/">
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride all
Order Deny,Allow
Allow from all
Require all granted
3.
Restart WampServer services
For Apache 2.4.2 the solution is:
in httpd.conf on line 265 change Require none to Require all granted.
That's all.
I had commented out the ::1 line in my hosts file.
Even I faced the same issue with my domain. If I gave an IP address it was working. But with a domain name it was not.
Then I checked my DNS A record. The domain had multiple entries with different IP addresses assigned. I removed all the wrong values, and it worked. Just one more check list if anyone faces a similar issue.
Just edit the file "c:\wamp\alias\phpmyadmin.conf"
like this
<Directory "C:/wamp64/apps/phpmyadmin4.5.5.1/">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
In WAMP 3.1.4 x64 I solved updating the file C:\wamp64\alias\phpmyadmin.conf from this:
Alias /phpmyadmin "c:/wamp64/apps/phpmyadmin4.8.3/"
<Directory "c:/wamp64/apps/phpmyadmin4.8.3/">
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride all
<ifDefine APACHE24>
Require local
</ifDefine>
<ifDefine !APACHE24>
Order Deny,Allow
Deny from all
Allow from localhost ::1 127.0.0.1
</ifDefine>
# To import big file you can increase values
php_admin_value upload_max_filesize 128M
php_admin_value post_max_size 128M
php_admin_value max_execution_time 360
php_admin_value max_input_time 360
</Directory>
to this:
Alias /phpmyadmin "c:/wamp64/apps/phpmyadmin4.8.3/"
<Directory "c:/wamp64/apps/phpmyadmin4.8.3/">
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride all
Require all granted
# To import big file you can increase values
php_admin_value upload_max_filesize 128M
php_admin_value post_max_size 128M
php_admin_value max_execution_time 360
php_admin_value max_input_time 360
</Directory>
And finally restarting all WAMP services.
In my case, the problem was that the phpMyAdmin version was specified wrongly in the phpmyadmin.conf file. You may check that:
Go to wamp/apps/phpmyadmin3.x.x: notice the file name - what version you are currently using?
Open file wamp/alias/phpmyadmin.conf:
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Deny,Allow
Allow from all
Check the first line (directory "c:/wamp/apps/phpmyadmin3.x.x/") is the file name exactly the same as your actual file name.
Make sure the directory file name is absolutely correct.
replace localhost with 127.0.0.1 in your URL, worked for me.
I had a similar issue. My Apache configuration file looked like this:
<VirtualHost *:80>
ServerName mywebsite.com
ServerAlias www.mywebsite.com
DocumentRoot "C:/wamp64/www/vtigercrm"
<Directory "/"
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Here's how I fixed it:
The issue was that I specified the Directory as "/" (that is root folder on my server) instead of "C:/wamp64/www/vtigercrm/", which is where I have my website files.
I modified my configuration this way:
<VirtualHost *:80>
ServerName mywebsite.com
ServerAlias www.mywebsite.com
DocumentRoot "C:/wamp64/www/vtigercrm"
<Directory "C:/wamp64/www/myvtigercrm/"
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
And everything worked fine.
What was going on with my setup was that WAMP was binding to an IPv6 Address (and every subsequent time I reinstalled WAMP).
To fix this, I went into c:\wamp\alias\phpmyadmin.conf and added the line Allow from ::1
The reason might be 127.0.0.1 is not linked to localhost. Check your 'C:\Windows\System32\drivers\etc\hosts' file. It should have a line like this:
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
I tried to set up my password... And that's how I got locked out from localhost. They should fix this...
Anyway, be careful with random advice. They all may or may not work. But some advice will lock you out even further. The one that worked for me:
Type "http://127.0.0.1/phpmyadmin/" in the address bar.
Then I discovered that http://localhost/phpmyadmin/ also works.
However, before that, out of desperation I had...
I deleted the files, I uninstalled WAMP, deleted temporary cookies, and installed WAMP again. It still doesn't accept "localhost" (and I am tired after a day trying to access WAMP), but the 127.0.0.1 and the localhost/phpmy... work. I am happy to see the page back. And start working again.
If you read this thread all the way to here means you are probably in a big problem... Windows 8, WAMP (wampserver 2.2). I wonder what it needs to get back access to localhost.
In my case a WAMP server was installed before on my pc, so when installing the new one some files not overwritten, all you have to do in that case is to go to the C:\ and delete the whole WAMP folder then install it again.
Check if you are logged in as root or user with privileges. Just to be sure, logout and login again with root/no-password.
If your WAMP icon is not green try:
Left Click WAMP Icon > MySQL > Services > Install Service
So all of these answers are basically the same one. They only address one idea: it has to be DNS related. Well, that is not the only part of this it turns out. After many changes, I was getting nowhere reading the next "same answer" hoping that it would just go my way.
What did the trick for me was to adjust my versions of Apache. I think what the deal was, is that the one of the configuration files get a path off or that the install due to IIS may have been messed up / or / or /etc. And so forcing a version change readdresses everything from your firewall to bad configurations.
In fact, when I switched back to Apache 2.4.2 it goes back to being a forbidden. And as soon as I go back to Apache 2.4.4 it comes back up. That rules out local network issues. I just wanted to point out that all of the answers here are the same and that I have been able to kill the forbidden by changing the Apache version.
I had the same problem. The hosts file is corrupted!
there were:
localhos 127.0.0.1
localhost 127.0.0.1
localhos 127.0.0.1
localhos 127.0.0.1
The result is that localhost is not defined.
Solution: edit the hosts file with admin rights and correct to only one entry:
localhost 127.0.0.1