Why do I get an Access forbidden in Apache? - apache

Why do I get this error on apache when I access a certain js file??? I tried changing the httpd-xampp.conf from Require local to Require local granted but still to no avail.
I have the right permission to the js file I can even edit it using notepad++.
Access forbidden!
You don't have permission to access the requested object. It is either read-protected or not readable by the server.
If you think this is a server error, please contact the webmaster.
Error 403
localhost
Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.14
here is inside the http-xampp.conf file.
#
# XAMPP settings
#
<IfModule env_module>
SetEnv MIBDIRS "C:/xampp/php/extras/mibs"
SetEnv MYSQL_HOME "\\xampp\\mysql\\bin"
SetEnv OPENSSL_CONF "C:/xampp/apache/bin/openssl.cnf"
SetEnv PHP_PEAR_SYSCONF_DIR "\\xampp\\php"
SetEnv PHPRC "\\xampp\\php"
SetEnv TMP "\\xampp\\tmp"
</IfModule>
#
# PHP-Module setup
#
LoadFile "C:/xampp/php/php5ts.dll"
LoadFile "C:/xampp/php/libpq.dll"
LoadModule php5_module "C:/xampp/php/php5apache2_4.dll"
<FilesMatch "\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>
#
# PHP-CGI setup
#
#<FilesMatch "\.php$">
# SetHandler application/x-httpd-php-cgi
#</FilesMatch>
#<IfModule actions_module>
# Action application/x-httpd-php-cgi "/php-cgi/php-cgi.exe"
#</IfModule>
<IfModule php5_module>
PHPINIDir "C:/xampp/php"
</IfModule>
<IfModule mime_module>
AddType text/html .php .phps
</IfModule>
ScriptAlias /php-cgi/ "C:/xampp/php/"
<Directory "C:/xampp/php">
AllowOverride None
Options None
Require all denied
<Files "php-cgi.exe">
Require all granted
</Files>
</Directory>
<Directory "C:/xampp/cgi-bin">
<FilesMatch "\.php$">
SetHandler cgi-script
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler None
</FilesMatch>
</Directory>
<Directory "C:/xampp/htdocs/xampp">
<IfModule php5_module>
<Files "status.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
AllowOverride AuthConfig
</Directory>
<IfModule alias_module>
Alias /licenses "C:/xampp/licenses/"
<Directory "C:/xampp/licenses">
Options +Indexes
<IfModule autoindex_color_module>
DirectoryIndexTextColor "#000000"
DirectoryIndexBGColor "#f8e8a0"
DirectoryIndexLinkColor "#bb3902"
DirectoryIndexVLinkColor "#bb3902"
DirectoryIndexALinkColor "#bb3902"
</IfModule>
Require all granted
</Directory>
Alias /phpmyadmin "C:/xampp/phpMyAdmin/"
<Directory "C:/xampp/phpMyAdmin">
AllowOverride AuthConfig
Require all granted
</Directory>
Alias /webalizer "C:/xampp/webalizer/"
<Directory "C:/xampp/webalizer">
<IfModule php5_module>
<Files "webalizer.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
AllowOverride AuthConfig
Require all granted
</Directory>
</IfModule>
#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Require local granted
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>

In this section:
<Directory "C:/xampp/php">
AllowOverride None
Options None
Require all denied
<Files "php-cgi.exe">
Require all granted
</Files>
</Directory>
Change
Require all denied
to
Require all granted
Not the perfect solution imho, but should make your dev environment work.
UPDATE:
Change the enitre section to this:
<Directory "C:/xampp/php">
AllowOverride None
Order Allow,Deny
Allow from All
</Directory>
This is the default I use (from symfony.com).

I figured it out. There was just a typo in my code....
this causes the error..
<script src="/hris/admin/../template/assets/js/jquery-ui.custom.js </script>"></script>
doubled the </script> tag

Related

Plesk Implement client SSL certificates for authentication

I need to configure Plesk Apache
Where users will authenticate with a .pfx digital certificate
find text within files
Server Error
403
Forbidden
You do not have permission to access this document.
I use Plesk
I just want the /login/ folder
Request client certificate
https://site.plesk.page/login/
I couldn't get it to work.
Configuration file:
/var/www/vhosts/system/site.plesk.page/conf/httpd.conf
<IfModule mod_ssl.c>
<VirtualHost 177.234.155.186:7081 >
ServerName "site.plesk.page"
ServerAlias "www.site.plesk.page"
ServerAlias "ipv4.site.plesk.page"
UseCanonicalName Off
CustomLog /var/www/vhosts/system/site.plesk.page/logs/access_ssl_log plesklog
ErrorLog "/var/www/vhosts/system/site.plesk.page/logs/error_log"
DocumentRoot "/var/www/vhosts/site.plesk.page/httpdocs"
<IfModule mod_suexec.c>
SuexecUserGroup "cert_a1a3" "psacln"
</IfModule>
<IfModule mod_userdir.c>
UserDir "/var/www/vhosts/site.plesk.page/web_users/*"
</IfModule>
<IfModule mod_sysenv.c>
SetSysEnv PP_VHOST_ID "446fa1b6-1832-4b2b-ae5d-aab42b94bd29"
</IfModule>
Alias "/plesk-stat" "/var/www/vhosts/system/site.plesk.page/statistics"
<Location /plesk-stat/>
Options +Indexes
</Location>
<Location /plesk-stat/logs/>
Require valid-user
</Location>
Alias /webstat /var/www/vhosts/system/site.plesk.page/statistics/webstat
Alias /webstat-ssl /var/www/vhosts/system/site.plesk.page/statistics/webstat-ssl
Alias /ftpstat /var/www/vhosts/system/site.plesk.page/statistics/ftpstat
Alias /anon_ftpstat /var/www/vhosts/system/site.plesk.page/statistics/anon_ftpstat
Alias /awstats-icon /usr/share/awstats/wwwroot/icon
SSLEngine on
SSLProtocol -all +TLSv1.2
SSLHonorCipherOrder On
SSLVerifyClient none
SSLCertificateFile /usr/local/psa/var/certificates/scf6sEW8u
SSLCACertificateFile /usr/local/psa/var/certificates/ca-bundle.crt
SSLCACertificatePath /usr/local/psa/var/certificates/
SSLSessionCacheTimeout 1
<Directory /var/www/vhosts/site.plesk.page/httpdocs>
<IfModule mod_fcgid.c>
<Files ~ (\.fcgi$)>
SetHandler fcgid-script
Options +ExecCGI
</Files>
</IfModule>
<IfModule mod_proxy_fcgi.c>
<Files ~ (\.php$)>
SetHandler proxy:unix:/var/www/vhosts/system/site.plesk.page/php-fpm.sock|fcgi://127.0.0.1:9000
</Files>
</IfModule>
SSLRequireSSL
Options -Includes -ExecCGI
</Directory>
<Location /login/>
SSLRequireSSL
ServerSignature On
SSLUserName SSL_CLIENT_S_DN_CN
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
SSLOptions +StdEnvVars +ExportCertData
SSLVerifyClient require
SSLVerifyDepth 1
Options +ExecCGI -Indexes -MultiViews
AddHandler cgi-script .cgi .pl .php
SetHandler login
AllowOverride All
Order allow,deny
Allow from all
</Location>
<Directory "/var/www/vhosts/system/site.plesk.page/statistics">
AuthType Basic
AuthName "Domain statistics"
AuthUserFile "/var/www/vhosts/system/site.plesk.page/pd/d..httpdocs#plesk-stat"
require valid-user
</Directory>
Alias /error_docs /var/www/vhosts/site.plesk.page/error_docs
ErrorDocument 400 /error_docs/bad_request.html
ErrorDocument 401 /error_docs/unauthorized.html
ErrorDocument 403 /error_docs/forbidden.html
ErrorDocument 404 /error_docs/not_found.html
ErrorDocument 500 /error_docs/internal_server_error.html
ErrorDocument 405 /error_docs/method_not_allowed.html
ErrorDocument 406 /error_docs/not_acceptable.html
ErrorDocument 407 /error_docs/proxy_authentication_required.html
ErrorDocument 412 /error_docs/precondition_failed.html
ErrorDocument 414 /error_docs/request_uri_too_long.html
ErrorDocument 415 /error_docs/unsupported_media_type.html
ErrorDocument 501 /error_docs/not_implemented.html
ErrorDocument 502 /error_docs/bad_gateway.html
ErrorDocument 503 /error_docs/maintenance.html
DirectoryIndex "index.html" "index.cgi" "index.pl" "index.php" "index.xhtml" "index.htm" "index.shtml"
Include "/var/www/vhosts/system/site.plesk.page/conf/vhost_ssl.conf"
<Directory /var/www/vhosts/site.plesk.page>
Options -FollowSymLinks
AllowOverride AuthConfig FileInfo Indexes Limit Options=Indexes,SymLinksIfOwnerMatch,MultiViews,ExecCGI,Includes,IncludesNOEXEC
</Directory>
#extension sslit begin
#extension sslit end
#extension letsencrypt begin
Alias /.well-known/acme-challenge "/var/www/vhosts/default/htdocs/.well-known/acme-challenge"
<Location /.well-known/acme-challenge/>
# Require all granted
Order Deny,Allow
Allow from all
Satisfy any
</Location>
<LocationMatch "^/.well-known/acme-challenge/(.*/|)\.">
# Require all denied
Order Allow,Deny
Deny from all
</LocationMatch>
#extension letsencrypt end
</VirtualHost>

How to create an alias for phpmyadmin in apache?

Using Ubuntu 16.04, apache2.
I have the following virtual host in apache, but my URL http://example.com/phpmyadmin gives a 404 error. Any ideas?
From looking at other stackoverflow posts, this should work, but it isn't working. I'm fairly new to the Linux/Apache world (if this was on IIS I'd be fine!) so if you can give any pointers that'd also be appreciated.
<VirtualHost *:80>
ServerName example.org
Alias /phpmyadmin/ /user/share/phpmyadmin/
DocumentRoot "/var/www/html"
<Directory /usr/share/phpmyadmin>
Require all granted
Options FollowSymLinks
DirectoryIndex index.php
<IfModule mod_php5.c>
AddType application/x-httpd-php .php
php_flag magic_quotes_gpc Off
php_flag track_vars On
php_flag register_globals Off
php_admin_flag allow_url_fopen Off
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/
</IfModule>
</Directory>
# Disallow web access to directories that don't need it
<Directory /usr/share/phpmyadmin/libraries>
Order Deny,Allow
Deny from All
</Directory>
<Directory /usr/share/phpmyadmin/setup/lib>
Order Deny,Allow
Deny from All
</Directory>
<Directory "/var/www/html">
allow from all
Options None
Require all granted
</Directory>
</VirtualHost>
Thanks in advance.

Directory not rendering images because of cgi

My server doesn't render any images under the cgi directory, I know that this is because apache is told to run every file under that directory as a cgi program.
I would like to adjust the settings to tell apache to run all the .cgi and .pl as cgi programs but run the rest of files as they should be.
For instance, if I go to example.com/x.gif from a browser I can see the image, but if I go to example.com/cgi-bin/x.gif I can't. (being the image in both dirs, of course, and with 775)
The problem is that I don't know how to tell that to apache, this is the httpd.include
<Directory /var/www/vhosts/example.com/httpdocs>
<IfModule mod_perl.c>
<Files ~ (\.pl$)>
SetHandler perl-script
PerlHandler ModPerl::Registry
Options ExecCGI
allow from all
PerlSendHeader On
</Files> </IfModule> <IfModule mod_python.c>
<Files ~ (\.py$)>
SetHandler python-program
PythonHandler mod_python.cgihandler
</Files> </IfModule> <IfModule mod_fcgid.c>
<Files ~ (\.fcgi)>
SetHandler fcgid-script
Options +FollowSymLinks +ExecCGI
</Files> </IfModule> <IfModule mod_fcgid.c>
<Files ~ (\.php)>
SetHandler fcgid-script
FCGIWrapper /var/www/cgi-bin/cgi_wrapper/cgi_wrapper .php
Options +ExecCGI
allow from all
</Files> </IfModule>
SSLRequireSSL
Options -Includes +ExecCGI
</Directory>
I found a solution.
As I said, apache is told to run every file under that directory as a cgi program. So are needed new rules to tell apache to use a default handler for those filetypes different from .php , .pl or .cgi:
<Directory /var/www/vhosts/example.com/httpdocs/cgi-bin>
<FilesMatch "^(?!.*\.(cgi|php|pl)$).*$">
SetHandler default-handler
</FilesMatch>
</Directory>
If you can't access the httpd.conf for any reason you still can do the trick with .htaccess adding this three lines to the .htaccess file of the cgi-bin folder:
<FilesMatch "^(?!.*\.(cgi|php|pl)$).*$">
SetHandler default-handler
</FilesMatch>

Apache php httpd-xampp.conf alias not working

I have httpd-xampp.conf with
<IfModule alias_module>
...
Alias /examples "D:/xampp/htdocs/examples/"
<Directory "D:/xampp/htdocs/examples">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
</IfModule>
an in examples folder i have index.html, but when i access http://localhost:8880/examples, i have error
This page was not found
You are not logged in.
Back Log in Issues
Is there any error of my config? other alias : phpmyadmin, security work well.
I change httpd-xampp.conf to
<IfModule alias_module>
...
#!!! Don't know why
#Alias /examples "D:/xampp/examples/" don't work
Alias /my-examples "D:/xampp/examples/"
<Directory "D:/xampp/examples">
AllowOverride AuthConfig
Require all granted
</Directory>
</IfModule>
#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info|my-examples))">
Require local
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
and http://localhost:8880/my-examples work now

Ubuntu - Apache - Rails - Passenger - Spawning error

I've got the error where passenger complains that:
*** Passenger ERROR (ext/common/ApplicationPool/../SpawnManager.h:220):
Could not start the spawn server: /usr/local/rvm/gems/ruby-1.9.3-head/ruby: No such file or directory (2)
[ pid=8970 thr=139698295748416 file=ext/apache2/Hooks.cpp:865 time=2012-11-07 17:17:32.422 ]: Unexpected error in mod_passenger: Cannot spawn application '/www/lensfinder.se/ruby/lensfinder': Could not read from the spawn server: Connection reset by peer (104)
Backtrace:
in 'virtual Passenger::SessionPtr Passenger::ApplicationPool::Client::get(const Passenger::PoolOptions&)' (Client.h:750)
in 'Passenger::SessionPtr Hooks::getSession(const Passenger::PoolOptions&)' (Hooks.cpp:297)
in 'int Hooks::handleRequest(request_rec*)' (Hooks.cpp:566)
From what I can read is that it cant access /www/lensfinder.se/ruby/lensfinder though it exist.
And I found this FAQ on Phusion Passengers site
The problem is that, when I try to use that command,
passenger-config --root
I get this:
-bash: /usr/bin/passenger-config: ruby: bad interpreter: No such file or directory
apache config:
LoadModule passenger_module /usr/local/rvm/gems/ruby-1.9.3-head/gems/passenger-3.0.12/ext/apache2/mod_passenger.so
PassengerRoot /usr/local/rvm/gems/ruby-1.9.3-head/gems/passenger-3.0.12
PassengerRuby /usr/local/rvm/wrappers/ruby-1.9.3-head/ruby
<VirtualHost 10.0.0.37:80>
ServerAdmin webmaster#compartment.se
DocumentRoot /www/lensfinder.se/htdocs
ServerName lensfinder.se
Redirect 301 / http://www.lensfinder.se/
ErrorLog /var/log/apache2/lensfinder.se-error.log
CustomLog /var/log/apache2/lensfinder.se-access.log combined
</VirtualHost>
<VirtualHost 10.0.0.37:80>
ServerAdmin hostmaster#compartment.se
ServerName lensfinder.se
ServerAlias www.lensfinder.se
ServerAlias *.lensfinder.se
# DocumentRoot /www/lensfinder.se/htdocs
DocumentRoot /www/lensfinder.se/ruby/lensfinder/script
<Directory />
Options FollowSymLinks
AllowOverride all
</Directory>
<Directory /www/lensfinder.se/htdocs>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /www/lensfinder.se/cgi-bin/
<Directory "/www/lensfinder.se/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
AllowOverride AuthConfig
#Options Includes
#Options FollowSymLinks
#Options +Indexes +Multiviews +FollowSymLinks
</Directory>
<Directory "/www/lensfinder.se/htdocs/usage">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
AllowOverride AuthConfig
#Options Includes
#Options FollowSymLinks
#Options +Indexes +Multiviews +FollowSymLinks
</Directory>
ErrorLog /var/log/apache2/lensfinder.se-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/lensfinder.se-access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
Alias /ruby/ /www/lensfinder.se/ruby/lensfinder/script
<Directory /www/lensfinder.se/ruby/lensfinder/script>
# Options ExecCGI
# AddHandler cgi-script .cgi
# Addhandler fastcgi-script .fcgi .fcg .fpl
AllowOVerride all
Order allow,deny
Allow from all
</Directory>
<IfModule passenger_module>
PassengerRoot /usr/local/rvm/gems/ruby-1.9.3-head/gems/passenger-3.0.12
PassengerRuby /usr/local/rvm/gems/ruby-1.9.3-head/ruby
</IfModule>
RailsEnv production
RailsBaseURI /script
#
<Location />
# Insert filter
SetOutputFilter DEFLATE
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
# BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48
# the above regex won't work. You can use the following
# workaround to get the desired effect:
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
# Don't compress images
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|png)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
#Header append Vary User-Agent env=!dont-vary
</Location>
</VirtualHost>
Ok my guess is that you point Passenger to the wrong directory. You should point it to the public directory of your Rails app.
Here's a minimalist configuration for your project that goes in /etc/apache2/sites-available/lensfinder.se:
<VirtualHost 10.0.0.37:80>
ServerAdmin hostmaster#compartment.se
ServerName lensfinder.se
ServerAlias *.lensfinder.se
DocumentRoot /www/lensfinder.se/ruby/lensfinder/public
RailsEnv production
<Directory "/www/lensfinder.se/ruby/lensfinder/public">
Options FollowSymLinks
AllowOverride All
Options -MultiViews
</Directory>
</VirtualHost>
Then edit /etc/apache2/apache2.conf and at the end of the file, add :
LoadModule passenger_module /usr/local/rvm/gems/ruby-1.9.3-head/gems/passenger-3.0.12/ext/apache2/mod_passenger.so
PassengerRoot /usr/local/rvm/gems/ruby-1.9.3-head/gems/passenger-3.0.12
PassengerRuby /usr/local/rvm/wrappers/ruby-1.9.3-head/ruby
then simlink your virtualhost config to enable it:
ln -s /etc/apache2/sites-available/lensfinder.se /etc/apache2/sites-enabled/lensfinder.se
And of course restart apache2
In addition to the previous answer, In my case even after editing configuration files I still had issues loading up Apache as the module was still configured to load the previous (global) .so file.
I found there were source files and scripts in the /usr/local/rvm/gems/[YOUR-RUBY-VER]/gems/passenger-[YOUR-PASSENGER-VER]/ext/apache2/ directory, but no binaries. There were however scripts provided to build those. Simply run sudo /usr/local/rvm/gems/ruby-[YOUR-RUBY-VER]/gems/passenger-[YOUR-PASSENGER-VER]/bin/passenger-install-apache2-module.