Why can't I upload .htaccess file using terminal? - apache

I have a Amazon EC2 server running Apache, I'm trying to enable SSI using .htaccess file, I created the .htaccess file and saved it to my website files folder (not my server), and tried to upload it using scp -i /Users/jeffArries/Desktop/jeffarries.pem /Users/jeffArries/Desktop/Website_Testing_Folder/.htaccess ec2-user#ec2-54-213-219-247.us-west-2.compute.amazonaws.com:/var/www/html in Terminal, and got this error message:
"/Users/jeffArries/Desktop/Website_Testing_Folder/.htaccess: No such file or directory"
How can I upload my .htaccess file to my Apache server using Terminal?
Thanks!
Update:
Update 2:

As can be seen in the output of ls -Abl, the filename is actually .htaccess.txt.
Side note:
Enabling SSI for every .html file is a bad idea performance-wise. THe typical way is to use a special extension (like .shtml), or execute bits on the file (via XBitHack).
On Apache 2.4, the current way is to enable the INCLUDES filter instead of using AddHandler:
AddType text/html .html
AddOutputFilter INCLUDES .html
…
AddHandler server-parsed is still supported for backward compatibility.

Related

How to configure Apache 2.4 to use 'content negotiation' in order to serve webp images?

In my HTML file there are several <img src="images/<filename>.jpeg">
The directory "images" holds these files:
<filename>.jpeg
as well as
<filename>.webp
and
<filename>.jpeg.webp
The latter two are identical webp versions of the jpeg file.
Now I want to configure Apache 2.4 on Oracle Linux 8.6 for 'content negotiation'. I am expecting that Apache returns a .webp file instead of the requested .jpeg file, if the browser supports .webp. I don't want to use the HTML <picture> tag or 'srcset' for several reasons, but leave the code untouched.
I have found several promissing configuration examples for nginx, but unfortunatly only litte on Apache:
https://gist.github.com/sergejmueller/5500879
https://stackoverflow.com/a/58857260/4335480
These two links outline 'rewrites' that are to go to the .htaccess file in the /images directory. I tried them both as '.htaccess' in the 'image' directory and it didn't work. I also put them directly in the httpd.conf and it didn't work either. And I tried these lines in the root directory's .htaccess
'AllowOverride All' is included in all section. Even the 'images' directory is explicitly listed.
In Chrome Dev Tools I verified that the request headers include 'image/webp'.
Probably not necessary: In my despair I have disabled nosniff on the Apache server and verified in the response header that it isn't set.
Whatever I try, the server only returns the jpeg file. I can verify this not only by the file name but also by the content-length field in the response header.
So what can I do to have Apache serve avif, webp and (fall back) jpeg in that order, whenever a jpeg file is requested?
Found the error myself. Note to self: don't just copy code snippets to use them. Read and understand them to find errors or identify necessary adaptions.
Vincent Orback's code is often cited for this problem, so I blindly trusted and used it: https://github.com/vincentorback/WebP-images-with-htaccess
It contains the following line:
RewriteCond %{DOCUMENT_ROOT}/$1.webp -f
The outcome is that .webp images are only searched for in the web server root directory. On my site, images are in a subdirectory called 'images'.
Trying to load an image in the browser would fail (deliver the jpeg, not the webp version):
https://<my domain>/images/<image name>.jpeg
But after altering above line to
RewriteCond %{DOCUMENT_ROOT}/images/$1.webp -f
eventually everything worked!
All the other things were unnecessary. You only need one AllowOverride All before the virtual host containers for <Directory / > and all servers and subdirectories would have .htaccess enabled, if present. For this problem, only one .htaccess in the image subdir was necessary, none in the root and no special httpd.conf entries. I turned nosniff on again. The alternativ .webp files just need the extention .webp, not .jpeg.webp

XAMPP .htaccess AddEncoding br brotli

I install no my MacOs HighSierra fresh XAMPP (osx-7.4.6-0-vm) and start it - server runs on IP 192.168.64.2 . Then I mount /opt/lampp and click to Explore. The Finder window open and I go to directory htdocs/. Then inside htdocs I create folder assets and inside it I copy file alice.wasm (this file is compressed using brotli (br)). You can download this test (brotli compressed) file using this jsfiddle generator. Inside htdocs I create following .htaccess file
<IfModule mod_mime.c>
AddType application/wasm .wasm
AddEncoding br .wasm
AddOutputFilterByType DEFLATE application/wasm
</IfModule>
Problem
When I go to http://192.168.64.2/assets/alice.wasm browser not download file and in chrome>networks tab I see (here are more details)
(failed) net::ERR_CONTENT_DECODING_FAILED
However, when I change AddEncoding br .wasm to AddEncoding rar .wasm (or instead 'br' I use zip, or none) then browser download file (details) but the problem is that browser automatically NOT decompress file (so it save compressed file).
When I put this .htacces file and alice.wasm file to some AZURE apache-like server (but I don't have access to it configuration files) then browser download file and decompress it on the fly (details) - so this is POSSIBLE.
Question: What I should do to make XAMPP working as expected?
brotli module works only on HTTPS mod. See it here: why does not brotli work on http?. If you have ssl certificate, it will work there.
It is very strange, but when I enable port forwarding
And go to http://localhost:8080/assets/alice.wasm then Chrome download file and automatically decompress it (exactly what I want). AZURE works on HTTPS and file was downloaded properly probably because brotli compression is support only for HTTPS - however probably on Chrome localhost is 'special' and allows it too.

PDF not opening correctly on web browser for files on remote folder

I'm using a Debian EC2 instance running a Apache2 server (from the open semantic search package).
When I try to open a pdf file in the web browser (inline?), it opens a modified version of it when the file is located on a remote folder but not when the file is located locally.
I saw recommendation (http://www.devside.net/wamp-server/forcing-a-pdf-or-doc-to-open-in-browser-rather-than-downloading) to modify the Apache configuration file to include:
<LocationMatch "\.(?i:pdf)$">
ForceType application/pdf
Header set Content-Disposition inline
</LocationMatch>
I tried adding it to /etc/apache2/apache2.conf
But when I restart the apache server, I get the following error message:
apachectl[16425]: AH00526: Syntax error on line 207 of /etc/apache2/apache2.conf:
apachectl[16425]: Invalid command 'Header', perhaps misspelled or defined by a module not included in the server configuration
My questions are:
Which Apache configuration file should I modify?
Is this modification going to open the pdf file in the web browser inline without downloading / modifying the pdf file when coming from a remote folder?
Thanks!
Yoann
I suspect that it isn't the PDF that is getting corrupted, but the images inside of it.
Some time ago, some server admins were having problems with images getting corrupted by apache2. See for example serverfault and drupalQuestion.
The proposed solution is to change a couple of settings in the apache2 config file. I suspect memory mapping is the issue, which can be turned off by adding the following command to apache2.conf:
EnableMMAP Off
I hope this helps!

Change php.ini settings without modifying the original php.ini file or using the htaccess

The default php.ini value on my server for file uploading(upload_max_filesize, post_max_size) is 10M. I wanted to increase it to 40M. How do I do that?
Method 1: I can't use. This method doesn't work in this specific case.
ini_set("upload_max_filesize", "40M");
ini_set("post_max_size", "40M");
Method 2: I can't do it using the htaccess either. Because when I do so my server changes my .htaccess file with the following error
# For security reasons, mod_php is not used on this server. Use a php.ini file for php directives
Method 3: And I don't want to make changes to the default php.ini file because that will change the settings throughout the whole server.
Method 4: I have heard that I can create a php.ini file in my site and define the settings there but it didn't work either. My code for that file. (I kind of have a feeling that I applied this method in a wrong way)
[PHP]
upload_max_filesize =40M
post_max_size =40M
Well, method 4 worked for me as I thought. I just had to do it the right way. Adding this specific line to my .htaccess file reads the newly created php.ini file in that folder.
AddHandler application/x-httpd-php5 .php
On Bluehost cpanel PHP Configuration I selected PHP 5.2
"All files with the extension .php will be handled by the PHP 5.2 engine.
Legacy PHP with security updates. Compatible with most environments. "
To eliminate the "#For security reasons, mod_php is not used on this server. Use a php.ini..." message.

How do I serve a script with apache instead of running it?

I'm trying to host a python script using an apache web server, but the server tries to run the script instead of just offering it for download.
I do not have direct access to server, and adding the line
AddType text/plain .py
to .htaccess in the root folder does not appear to work, though I could be doing something wrong.
How do I get the server to just send the file as text instead of trying to run it?
-Edit
Changing the name does not work. Script.py.safe still give a 500 Server error when you click it.
I should also mention that the .htaccess file does work, but for some reason that one addType line is not working. Either because it's not overriding something, or the line is wrong.
In your .htaccess:
RemoveHandler .py
If you can't change the Apache config and you can't override it with an htaccess file, then it seems to me that the easiest solutions would be either to change the file extension, or else to write a script that prints the contents of the target script.
Both are hacks to some extent, but the correct solution is to change the Apache config.
One option is to change the extention and make clear that it should be renamed. IE python.py.safe or python.py.dl. The user would then need to remove the extra bit.
You could also Zip it up.
I would write something that loads the python script up. This way you could even get energetic and include formatting and styling of the code. You could even write it in python since you will not have precluded that by file extension.
<IfModule mime_module>
<Files *.py>
ForceType text/plain
</Files>
</IfModule>
in a .htaccess for the folder should work ;)