We have set up apache server and created a symbolic to logs folder.
Problem:
When we try access the logs using http:/server:port/logs the logs appear properly in browser. However when we are using big ip url that is http:/bigipurl/logs url rewrites as http:/bigipurl:port/logs and the page doesnt get displayed.
Observation:
If we use http:/bigipurl/logs/ logs are getting displayed.
Figured this out, Added directoryslash off under the respective directory section in httpd.conf file.
Related
I took over a website which I'm supposed to admin and somebody brought to my attention that certain Indexes and Files are available, which shouldn't be. I will be using dummy names.
You were able to access example.com/intern before, but I changed a line in /etc/apache2/apache2.conf according to this https://stackoverflow.com/a/31445273 . This worked partly, as I get a 403-Forbidden when I now navigate to example.com/intern and that's basically what I want.
However the directory intern governs a file called file.php.bak aswell as file.php. When I navigate to example.com/intern/file.php I get a white website. I am however not sure, if you are able to access file.php in another way, because the site does load and I don't get a 403 like before. What is way worse and the reason I am struggling with this is: If I go to example.com/intern/file.php.bak then my Browser (Firefox) offers me to download file.php.bak, which I can read in plaintext. I want all files in intern to not be accessible via the website, but I have no idea how to do this. Can anybody help?
Things I've tried:
Removing the Indexes from the apache2.conf file like mentioned above. It only puts the 403 on the directory itself and not recursively for all the files in it.
Writing a .htaccess file as described here: https://fedingo.com/how-to-prevent-direct-file-download-in-apache-server/ and putting it in intern with the same result as in 1)
Putting an empty index.html file in the intern directory. This leads to no more 403 in example.com/intern, but the download on example.com/intern/file.php.bak is still possible. I've also tried index.php with the same result.
File System:
The application runs from /var/www/application which is also the folder for the /var/www/application/index.php I want to use. The /var/www/application/intern directory is also there. While it isn't browsable anymore, the files in it still are accessible. /var/www/application/intern/file.php can be navigated to via example.com/intern/file.php, but it seems like it can't be downloaded or read as it results in a white page. /var/www/application/intern/file.php.bak can however be downloaded via example.com/intern/file.php.bak.
Let's say Apache document root is set to DocumentRoot "/folder_one/folder_two"
Placing files in a folder_one will prevent people browsing your apache server and requesting the files directly.
Place index file in folder_two and include some code such as PHP to tell apache to include whatever files you want from folder_one.
In this manor Apache will still be able to serve whatever files you want from folder_one and people will not be able to request the files directly as the are located in a directory above the Apache document root.
to give you some context with where I'm at, I have set up a subdomain to serve the images for my site on www.images.mysite.com
This "images" subdomain is intended to serve the images to primary domain www.mysite.com (being located on the server at "/public_html") and also the Woocommerce subdomain www.shop.mysite.com (being located on the server at "/public_html/shop").
I have uploaded the images from the old directory (which is currently still in use) on the server at "/public_html/wp-content/uploads" to the new directory connected to the www.images.mysite.com subdomain at "/public_html/images/wp-content/uploads"
The challenges I'm facing at this stage is that I can't seem to get the images to upload to the www.images.mysite.com location when sent from the www.mysite.com Wordpress installation or the www.shop.mysite.com Wordpress installation even after adding the path for this to 'options.php' for both the www.mysite.com Wordpress installation or www.shop.mysite.com Wordpress installations.
When I did set this path earlier though 'options.php' (through www.mysite.com/wp-admin/options.php pointing to www.images.mysite.com without the trailing slash) it caused conflicts with the www.mysite.com and www.shop.mysite.com sites and dropped all the images from both the www.mysite.com Wordpress installation and the www.shop.mysite.com Wordpress installations. When I removed the path from the ‘options.php’ file the installations both worked fine again.
I have had the process of setting this up explained to me as:
*Imagine you want the images for www.shop.mysite.com to be loaded from www.images.mysite.com The document root folder for www.shop.mysite.com is /public_html/shop - for the images it's /public_html/shop/wp-content (Note: I think this is supposed to be /public_html/images/wp-content but correct me if I'm wrong).
In such case, we need to change the document root for www.images.mysite.com to that one -> public_html/shop/wp-content. Once done, inside the wp-config.php for www.shop.mysite.com, you would need to add the following code: define("WP_CONTENT_URL", "http:// images.mysite.com"); define("COOKIE_DOMAIN", "shop.mysite.com"); Once done, from phpmyadmin, in the database for www.shop.mysite.com (XXXXXX21_wp451) -> there is a tool named SQL at the top where you can run queries. This would be the needed query -> UPDATE wp_posts SET post_content = REPLACE(post_content,'www. shop.mysite.com/wp-content/','images.mysite.com/')*
The explanation above seems a bit out to me with the note I added as bolded.
I'm running HTTPS - should the code above state that?
There are some spaces in what I have been provided here that I'm not sure if they will have an impact on the execution.
I have a dummy site that I can use which won't cause any major issues if I break it which i'll test this in. If anyone has any pointers they would be greatly appreciated :)
take a backup for your database and files and do as this article explains:
Login to your hosting account and launch “phpMyAdmin” section under cPanel. Open the database of your main domain. Select “wp-options” table and replace the following two parameters and save your settings.
upload_path ==> directory root for your subdomain
upload_url_path ==> actual URL path for your subdomain
Until this step there will be no impact on your live site since the existing media upload folder is not changed. Any new image you upload henceforth will be stored in a new subdomain path you have entered in the “wp-options” table. You can cross check this by uploading a test image and check the URL. Once you modified the upload path in “wp-options” table you can see the upload path options are enabled in WordPress admin frontend under “Settings > Media“. Henceforth you can update the uploads file path directly here.
then you will have to replace images links by running this SQL query:
UPDATE wp_posts SET post_content = REPLACE(post_content,'URL of current media folder','URL of new media folder')
I have been playing with booked scheduler for a client but noticed that when I hit a certain part of the site it doubles up a folder in the URL and causes a 404. I believe it should be possible to fix using .htaccess but I'm unsure where to start.
The URL should be
domain.com/Web/thing.php
but the button is loading
domain.com/Web/Web/thing.php
Is it possible to fix the broken link using .htaccess so it loads the page without the second folder?
Try:
Redirect /Web/Web/ /Web/
This will need to go in the htaccess file in your document root.
Using Plesk 11. The custom error docs is working for inside the httpdocs folder for the vhost, but it is not working for the other domains outside the vhost.
For example, my vhost is called ns304346.ovh.net. If I go to http://ns304346.ovh.net/thiswontwork.lol it takes me to the predefined 404 page inside the error_docs folder.
However, in this webspace I also have the domain jaycraft.co inside the ns304346.ovh.net vhost folder, but not inside the httpdocs folder. This all works great, except instead of jaycraft.co using the error_docs 404 page, it just goes to the index file.
For example, http://dev.jaycraft.co/thiswontwork just goes to http://dev.jaycraft.co/thiswontwork showing the index page.
Seems like your website has some internal redirecting/rewriting or rewriting in .htaccess, because the following configuration is works for me:
/var/www/vhosts/domain1.com/ <- my main domain
/var/www/vhosts/domain1.com/domain2.com/ <- additional site on same subscription
/var/www/vhosts/domain1.com/error_docs/not_found.html <- custom error document
When I open domain1.com/not_exists OR domain2.com/not_exists - it's shows 404 error with content from /var/www/vhosts/domain1.com/error_docs/not_found.html
I am using a .htaccess file for a short url system that I made. It is supposed to use a file, sudir.php, to find the url that the "code" that was entered is for. But whenever I goto the page at http://localhost/shorturl/t10m3S which doesn't exist so it is supposed to redirect with sudir.php, but it only takes me to a generic "Not Found" page.
This is what i have in my .htaccess:
ErrorDocument 404 /shorturl/sudir.php
If I change it to my phptesting folder, it shows the index of that folder. If I change it to just the shorturl folder, it still gives me the generic 404 error page. If I remove it completely it shows the default page from Apache. So it basically seems like Apache or .htaccess or something doesn't know that the shorturl folder exists even though I can access it and it works. It seems all I need is for it to acknowledge that the folder is there and actually load the sudir.php file, but I don't know what to do.
Additional Info:
I am using a .htaccess file in a different directory to redirect to YouTube pages like how youtu.be does and it works perfectly fine. I did have the same problem with it though at first, but I just renamed the folder it was in and changed the .htaccess to correspond and it started working. I have tried the same with shorturl, but it did not work.