Assuming the default options for the directories are defined by
<Directory "/path">
Options Indexes FollowSymLinks Includes
</Directory>
When using the directive
ScriptAlias /cgi-bin/ "/path/cgi-bin/"
... is it required (or advisable or unsecure, etc) to also specify the option ExecCGI? e.g.
<Directory "/path/cgi-bin">
Options ExecCGI
</Directory>
I think it is necessary, because your allowing the Execution of CGI (hence ExecCGI). Its not unsecure, but default way of enabling CGI script execution in the said directory.
Related
I'm exposing files using Apache's httpd <Directory> as below
Alias /getfiles "/web/playbooks/tmpfiles"
<Directory "/web/playbooks/tmpfiles">
Options Indexes MultiViews
AllowOverride None
Require all granted
</Directory>
With this I'm able to access all files/folder inside /web/playbooks/tmpfiles through web browser URL like the below.
http://<server>:<port>/getfiles/<anyfile.txt>
Is it possible to refresh the above URL so I could see latest changes to files/folder inside /web/playbooks/tmpfiles periodically?
Any solution would be great.
You could try to make the client autorefresh by itself through instructions in the html itself instead of trying to do something weird which is not probably in the http spec. (I might be wrong).
For example, according to your directory entry, load module_autoindex module and then use this config:
<Directory /web/playbooks/tmpfiles>
Options Indexes MultiViews
IndexOptions FancyIndexing
IndexHeadInsert "<meta http-equiv=\"refresh\" content=\"10\">"
AllowOverride None
Require all granted
</Directory>
This way Apache httpd will add that tag in the html and the client will know it has to autorefresh the page each 10 seconds. Generally it is not recommended to set this too low, so perhaps 10 seconds and above is alright for you.
I'm running httpd on fedora server 35 and want to use it to serve files on my local network. It works fine for files stored under the /var/www/html directory directly (e.g. /var/www/html/videos/video.mp4 can be accessed with http://IP/videos/video.mp4 on any local device).
I want to serve files stored in other locations in the file system. My plan was to create symbolic links to those locations. When I do that, I run into forbidden errors when trying to access the files (e.g. A video file /files/videos/video.mp4 linked with a sym link /var/www/html/videos-link -> /files/videos/ so that I would (theoretically) access it with http://IP/videos-link/video.mp4
I can navigate to http://IP/videos-link fine (an Index of DIRECTORY page, but no files are listed), but trying to access the file (http://IP/videos-link/video.mp4) gives me 403 forbidden.
My config (/etc/httpd/conf/httpd.conf) looks like this (it's a bit messy since I've been trying to fix this myself):
<Directory />
Options FollowSymLinks Indexes
AllowOverride All
Require all granted
</Directory>
...
<Directory "/var/www">
Options +FollowSymLinks +Indexes
AllowOverride All
Require all granted
</Directory>
...
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
...
<Directory "/files/videos">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
In attempts to make it work I've made sure the sym link and all the directories have the same owner and that their all 777 so ownership/read perms shouldn't be an issue. Would greatly appreciate some help, thanks.
My issue was with SELinux. To get it working immediately I was able to set SELinux to permissive mode with
# setenforce 0
That refreshes on boot and is probably insecure, so the permanent fix (to just let httpd through) would be:
# semanage permissive -a httpd_t
More details on SELinux in Fedora can be found here: https://docs.fedoraproject.org/en-US/quick-docs/getting-started-with-selinux/
I'm hosting localhost/~username/website and I have /subfolder/filename.txt
right now that reference goes to the root but I want it to not have that privilege and to go to localhost/~username/website/subfolder/filename.txt instead.
I'm trying this below but it's not working in my httpd-vhosts.conf. This is inside my
Alias /~username/website "/Users/username/Sites/website"
<Directory "/Users/username/Sites/website">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
I ended up create multiple VirtualHost *:443 and :80 respectively with servernames that were different
First, I looked on this page [Apache localhost 403 error with Yosemite because the person seems to have the same problem as me. I tried differents things but its doesn't work for me. When I write localhost in my url I receive a 403 Forbidden "You don't have permission to access / on this server". Sorry, I'm an beginner. I don't really know what kind of informations that you need to know to help me to fix that.
My directory /Users/schan/Sites/
My user.conf (schan.conf) is
<Directory "/Users/schan/Sites/">
Options Indexes MultiViews
AllowOverride All
Require all granted
</Directory>
My httpd.conf (some informations tell me if you need more)
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot "/Users/schan/Sites"
<Directory "/Users/schan/Sites">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options FollowSymLinks Multiviews
MultiviewsMatch Any
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Require all granted
If you write 'localhost' in your url, the following directory is called on yosemite: /Library/WebServer/Documents/
which is not the same as /Users/schan/Sites
you would call /Users/schan/Sites using:
http://localhost/~schan
Getting a 403 on 'localhost' on my Yosemite happens, if i drop the read-permission from the Documents Folder, it should be 644 or, in Finder Info it would say
System read and write
wheel read only
everyone read only
For setting up the local user, i found this link the most helpful and complete: http://coolestguidesontheplanet.com/get-apache-mysql-php-phpmyadmin-working-osx-10-10-yosemite/
Having recently moved from Win XP (x86) to Win 7 (x64), I have also had to reinstall Apache. I have installed the 64 bit versions of Apache (2.4.3) and PHP (2.4).
I installed it to c:\Apache24.
I have got it up and running, but now I need to lock it down to my local PC Only.
If I have:
<Directory "c:/Apache24/htdocs">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
# New directive needed in Apache 2.4.3 apparently:
Require all granted
</Directory>
this works fine, but if I change it to:
<Directory "c:/Apache24/htdocs">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from 127.0.0.1
# New directive needed in Apache 2.4.3 apparently:
Require all granted
</Directory>
(or 'Allow from Localhost' or 'Allow from 192.x.y.z')
I get an access denied error. How can I get round this?
Everything is installed using my login, which has full local admin rights.
Replace
Order allow,deny
Allow from all
Require all granted
by just
Require local
More: http://httpd.apache.org/docs/2.4/en/mod/mod_authz_host.html
One approach is to add Listen to httpd.conf:
Listen 127.0.0.1:80
Remember to remove the other Listen directives, if there are any other.
Note that this will lock down the entire server so it only responds to requests from localhost. If you need to fine-tune permissions on a directory-by-directory basis, use the <Directory> syntax:
<Directory /var/www/secure>
Require local
</Directory>
The above is for Apache 2.4, where Order, Allow, and Deny are deprecated.