Apache on Raspberry Pi deny/allow IP of directory - apache

I know that this has been asked before but I just can't get it to work. What I want to achieve is to make it so that the index.php file and others in the /var/www directory can only be accessed when connected to my home network, but phpmyadmin is available through a server hosted on Weaved (weaved.com). Ideally it would make everything "private"(only accessible when on the home network) except phpmyadmin and the MySQL databases. When using the code bellow I can still acces the page from any IP address I like, why? Thanks in advance!
<Directory /var/www/>
order deny,allow
deny from all
allow from 192.168.0.240
</Directory>

Related

Accessing local host from another machine

I have seen many answers on this with what would appear to be simple solutions, none of which are working for me at this time.
I have WAMP install with Apache 2.4.33 32bit installed on a PC. I can access the site on that PC without a problem using the alias mySite.local.
The PC's host file looks like this
127.0.0.1 mySite.local
The remote lap top's host file is
192.168.1.114 mySite.local
That is the IP of the PC on the network.
httpd.conf
Listen 80
ServerName mySite.local:80
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "H:/Intranet/mySite_v2_www/public"
httpd-vhosts.conf
<VirtualHost *:80>
ServerName mySite.local
DocumentRoot "H:/Intranet/mySite_v2_www/public"
</VirtualHost>
I have tried disabling the windows firewall and virus checker on the PC.
The laptop appears to be getting there but being blocked. The message is..
Forbidden
You don't have permission to access / on this server.
Apache/2.4.33 (Win32) PHP/7.2.4 Server at mySite.local Port 80
So it looks like it can see Apache but is being blocked. So what else needs to be set to get access to the server?
Here are two of the links that I have been following to try and get this to work
Error message "Forbidden You don't have permission to access / on this server"
and
How do I connect to this localhost from another computer on the same network?
Thanks for any direction you can provide.
To complement the answer of Paul Neale:
Forbidden You don't have permission to access / on this server. Apache/2.4.33 (Win32) PHP/7.2.4 Server at mySite.local Port 80
That message is an answer from Apache. Disabling the windows firewall and virus checker on the PC won't have any effect, you are already reaching Apache there is not any networking problem.
Apache is receiving your request to access the root folder "public":
H:/Intranet/mySite_v2_www/public
But denies the request because, the directive Require local is enabled. This directive means, you can access to the content of public from the local server (localhost), which is the same to say 127.0.0.0 or localhost.
What you wanted is to tell apache that allows the access of certain IP address to the root directory "public".
When you changed the directive to Require all granted you are telling apache that, no matter who asks, give it access to / (root folder) in other words "public".
So, what you was searching for is "Access Control" in apache, and the directive Require can be used with IP address, here's the main document from Apache, this is an example:
Require host address
Require ip ip.address
It's important to differentiate between Network//Permissions problems. If you want to know if you are able to communicate (At network level) with Apache, you could do:
telnet <IP_APACHE_SERVER> <PORT_APACHE_SERVER>
#example: telnet 172.10.10.2 80
So after playing around will combinations for a day I found that in the httpd.conf I needed to change Require local to Require all granted in the section.
<Directory "H:/Intranet/mySite_v2_www/public/">
Options +Indexes +FollowSymLinks +Multiviews
AllowOverride all
# onlineoffline tag - don't remove
# Require local
Require all granted
</Directory>

Can't access web services via IP but through the host names it does

I'm using a server 2008 r2. There I've installed Wamp on port 8080, SSRS on port 8063 and Some IIS sites on various ports.
I've installed CCproxy on the same server.
The funny thing is, I can't access them via server IP:port (192.168.8.100:8080) But I can, however, access it by Host:port (Mainserver:8080).
Then I thought it might be a clash between those services and installed wamp on a windows 8.1 computer and even that I can't access via the IP.
Please help.
Thanks
it looks like you are trying to access your website by using the local IP range 192.168.1.100. In some WAMP default configs, the devs have set the apache config to disallow access except from localhost.
Try to open the httpd.conf file located at
C:\wamp\bin\apache\apache#.#.#\conf\httpd.conf
Find the <Directory "c:/wamp/www"> block and replace the Order Deny,Allow and everything that follows with Order Allow,Deny followed by Allow from all. The end result should look like something similar to this:
DocumentRoot "c:/wamp/www"
<Directory "c:/wamp/www">
Options Indexes FollowSymLinks
Order Allow,Deny
Allow from all
</Directory>
To be safe, look into the virtual hosts config file and see if you find any Order Deny,Allow directives and replace them as well. The file is located at C:\wamp\bin\Apache#.#.#\conf\extra\httpd-vhosts.conf
You can read more about Order Directive from the Apache Documentation

WAMP: Viewing Virtual Host site from phone

I've recently learned how to setup Virtual Sites with WAMP by following this Tutorial.
I've tried viewing the server through my phone by typing my ip address in the browsers address bar but am being told I am forbidden to access it.
I've read a few things online that can help solve this but can't seem to understand what they mean. One advise was to root the phone so that I can access its hosts file, but I understand that'll stop my phone from updating important software. And another is setting up my own server, which I don't know how to do, which also doesn't explain how.
Is there anything I can do within the Apache httpd.conf file or anything else that can help me view my virtual site(s)?
So the solution I came up with is to create another VirtualHost with a port number, which I can view from my ip-address.
In the httpd.conf file I wrote,
<VirtualHost *:90>
DocumentRoot 'C:\wamp\www\mysite'
<Directory 'C:\wamp\www\mysite'>
Options Indexes FollowSymLinks
AllowOverride All
Order Deny,Allow
Allow from all
Allow from 127.0.0.1
Allow from ::1
Allow from localhost
</Directory>
</VirtualHost>
Listen 90
Now when I type IP-ADDRESS:PORTNUMBER in a remote web browser connected to my wifi, I can view the site.
I've written a blog about it HERE.

how connect to phpmyadmin from other hosts

I have a lan network with 2 computer and installed wamp on computer 1.
now I want to access to whole of phpmyadmin on computer 1 from computer 2 and make changes.
from users tab in root of phpmyadmin page I created a user.
I filled username field with 'root' and host field with my computer 2 IP address and left password field with "no password" and checked all Global privileges for my user.
now I connect to wamp on computer 1 from computer 2 and click on phpmyadmin link.
but It give me this error:
FORBIDDEN
you don't have permission to access /phpmyadmin/ on this server
what I must do now for solving this problem?
change below line in C:\xampp\apache\conf\extra\httpd-xampp.conf, you can directly open this file by
<Directory "C:/xampp/phpMyAdmin">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require all granted
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</Directory>
That error message has more to do with Apache blocking access, than with phpMyAdmin, or the MySQL user account created.
Your issue is with Apache's configuration, or more specifically your WAMP's configuration of the /phpmyadmin URL.
Find the configuration file where the \phpmyadmin URL Alias is set up. It possibly will have these lines in it -
<Location /phpmyadmin>
order deny,allow
deny from all
allow from 127.0.0.1
</Location>
Add another allow from IP.Address line in it to match the IP.Address of your other LAN system. Restart Apache.
If phpMyAdmin is not set up via an Alias (it is under WampDeveloper, not sure about other WAMPs like Xampp or WampServer), but is rather just a dump of its files in a DocumentRoot (website's webroot) sub-folder, check the .htaccess file there.
I filled username field with 'root' and host field with my computer 2 IP address and left password field with "no password" and checked all Global privileges for my user.
In this case, the host field will always be in relation to the location of MySQL, not to the system phpMyAdmin is being accessed from... If you are accessing MySQL via phpMyAdmin, the host field should always be - localhost. As phpMyAdmin is on the same system MySQL is. The only time you'd use another domain-name, host-name, or IP for host: is when you are accessing MySQL directly from another system. By directly I mean, not via a script or URL, but via some type of a client (which is almost always a binary/executable).
go to PHPMYADMIN.conf or search on it from wamp or wamp64
adjust on it as the following:
change
Require local
to be
Require all granted
And add your another client IP address after this line
Allow from localhost ::1 127.0.0.1
add this
Allow from CLIENTIPADDRESS
Restart Wamp or Wamp64
go to C:\wamp\alias\phpmyAdmin.conf
open phpmyadmin.conf in notepad
overwrite the below given code in it
<Directory "c:/wamp/apps/phpmyadmin3.3.9/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Allow,Deny
Allow from all
</Directory>
change here is allow from all only..
First just check you have installed php, mysql and apache correctly.
Now if are you able to access phpmyadmin from your local host then above things are installed correctly. If you want to access phpmyadmin from another host, make the entry of 2nd host in following config file
/etc/httpd/config.d/phpmyadmin.conf
<Location /phpmyadmin>
order deny,allow
deny from all
allow from 127.0.0.1 <2nd host IP address>
</Location>
Then save you httpd settings and stop
service httpd restart
And now you are able to access phpmyadmin from another host

phpmyadmin domain name

I have setup an Ubuntu LAMP server, and I have had phpmyadmin working fine with my website. However, I have recently had to create a virtual host for my IP address to avoid a security issue with directory listings in Tomcat, and now I can no longer access phpmyadmin.
It used to be at 192.68.1.99/phpmyadmin, and the actual phpmyadmin files are located in
/usr/share/phpmyadmin
I have a domain name pointing at my sever which I can use to point at phpmyadmin - how do I configure this?
thanks
Try to add
Alias /phpmyadmin /usr/share/phpmyadmin
To your global configuration or to virtual host which serves 192.68.1.99:80
This will allows you to access it again on URL http://192.68.1.99/phpmyadmin
If you want to setup phpmyadmin to be available using domain name, it is very same,
just put this line into VirtualHost settings of server under which you want to access it.
If you receive errors like access forbidden, add also following lines:
<Directory /usr/share/phpmyadmin>
Allow from all
Deny from None
Order Allow,Deny
</Directory>
<Location /phpmyadmin>
Allow from all
Deny from None
Order Allow,Deny
</Location>