I have the following block in my .htaccess to deny download of configuration files
# Disables download of configuration
<Files ~ "\.(tpl|yml|ini)$">
# Deny all requests from Apache 2.4+.
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
# Deny all requests from Apache 2.0-2.2.
<IfModule !mod_authz_core.c>
Deny from all
</IfModule>
</Files>
But how can I allow all files which are named swagger.yml?
You should be able to do this
<Files ~ "\.(tpl|yml|ini)$">
# Deny all requests from Apache 2.4+.
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
# Deny all requests from Apache 2.0-2.2.
<IfModule !mod_authz_core.c>
Deny from all
</IfModule>
</Files>
<FilesMatch "swagger\.yml$">
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
Allow from all
</IfModule>
</FilesMatch>
Also you should remove the directives for the version you are not using. If you are using 2.4 then you don't need 2.2 directives there. However I left it since that's how you have it.
Going to example.com/config or example.com/account/login returns 403 Forbidden.
In reality, /config and /account/login should be redirected to index.php but it gives 403.
My directory structure is like this:
/var/www/example
└─/assets
└─/bower_components
└─/node_modules
└─/partials
└─/templates
└─/tests
└─/vendor
└─index.php
This is my Virtual host configuration:
<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/example
<DirectoryMatch "^/var/www/example/(?!(assets|partials))\w+">
Require all denied
</DirectoryMatch>
<Location />
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
</Location>
</VirtualHost>
I want to disallow access to every folder except assets and partials, that's why I added that DirectoryMatch directive.
I use a PHP framework called Slim so I have to add Location and Rewrite directives.
I think Apache thinks my URLs are directories and blocks them. Is there a way to unblock my URLs?
Try adding:
<Directory "/var/www/example">
Order Allow,Deny
Allow From all
</Directory>
above the <DirectoryMatch> container in your vhost config.
Since you're using apache 2.4, then use require all:
<Directory "/var/www/example">
Require all granted
</Directory>
If you're using Apache 2.4 try to add in the end of your VirtualHost:
<Directory /var/www/example>
Options Indexes FollowSymLinks MultiViews
# If you want to enable overrides, you should read:
# http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride
AllowOverride All
Require all granted
Satisfy Any
Order allow,deny
Allow from all
</Directory>
I have an apache vhost setup that I want to only have access to particular directories. So I have this in my vhost config:
<Directory /var/www/>
RewriteEngine on
RewriteBase /
Include /etc/apache2/sites-available/legacy_partners.inc
AddOutputFilterByType DEFLATE text/html
Order deny,allow
Deny from all
</Directory>
<Directory /var/www/partner*>
Order allow,deny
Allow from all
</Directory>
My problem is that I have some rewrite rules that change the directory accessed e.g. "migrated". So what I want to do is allow access to the directory only if the URL has been rewritten from an allowed directory. So rewritten from /partner to /migrated
Is this possible?
I just installed XAMPP Windows 1.8.2 in my computer. Port 80 is secured and in use by Apache there are no problems nor any port conflicts. I always open Xampp and start both Apache and MySQL Modules in the control panel. Both modules are running, Whenever I click on the Apache admin button it redirects me to the localhost page, It takes a while to load and then this error shows up.
If it's too small for you guys the error says: Network Error (tcp_error)
A communication error occurred: "Connection refused"
The Web Server may be down, too busy, or experiencing other problems preventing it from responding to requests. You may wish to try again at a later time.
For assistance, contact your network support team.
Another error shows up if i try with 127.0.0.1:
The localhost changes to 130.147.134.66 NOTE: I use a proxy network and the IP address is 130.147.134.251.
I have tried changing and updating the hosts file in the C:\Windows\System32\Drivers\Etc\hosts. but the problem still persists.
Keep that in mind I am new to using Xampp, and its been only a week since I started using phpMyAdmin and MySQL
My httpd-xampp.conf file:
#
# XAMPP settings
#
<IfModule env_module>
SetEnv MIBDIRS "C:/xampp/php/extras/mibs"
SetEnv MYSQL_HOME "\\xampp\\mysql\\bin"
SetEnv OPENSSL_CONF "C:/xampp/apache/bin/openssl.cnf"
SetEnv PHP_PEAR_SYSCONF_DIR "\\xampp\\php"
SetEnv PHPRC "\\xampp\\php"
SetEnv TMP "\\xampp\\tmp"
</IfModule>
#
# PHP-Module setup
#
LoadFile "C:/xampp/php/php5ts.dll"
LoadModule php5_module "C:/xampp/php/php5apache2_4.dll"
<FilesMatch "\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>
#
# PHP-CGI setup
#
#<FilesMatch "\.php$">
# SetHandler application/x-httpd-php-cgi
#</FilesMatch>
#<IfModule actions_module>
# Action application/x-httpd-php-cgi "/php-cgi/php-cgi.exe"
#</IfModule>
<IfModule php5_module>
PHPINIDir "C:/xampp/php"
</IfModule>
<IfModule mime_module>
AddType text/html .php .phps
</IfModule>
ScriptAlias /php-cgi/ "C:/xampp/php/"
<Directory "C:/xampp/php">
AllowOverride None
Options None
Require all denied
<Files "php-cgi.exe">
Require all granted
</Files>
</Directory>
<Directory "C:/xampp/cgi-bin">
<FilesMatch "\.php$">
SetHandler cgi-script
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler None
</FilesMatch>
</Directory>
<Directory "C:/xampp/htdocs/xampp">
<IfModule php5_module>
<Files "status.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
AllowOverride AuthConfig
</Directory>
<IfModule alias_module>
Alias /security "C:/xampp/security/htdocs/"
<Directory "C:/xampp/security/htdocs">
<IfModule php5_module>
<Files "xamppsecurity.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
Order deny,allow
Deny from all
Allow from localhost
</Directory>
Alias /licenses "C:/xampp/licenses/"
<Directory "C:/xampp/licenses">
Options +Indexes
<IfModule autoindex_color_module>
DirectoryIndexTextColor "#000000"
DirectoryIndexBGColor "#f8e8a0"
DirectoryIndexLinkColor "#bb3902"
DirectoryIndexVLinkColor "#bb3902"
DirectoryIndexALinkColor "#bb3902"
</IfModule>
Require all granted
</Directory>
Alias /phpmyadmin "C:/xampp/phpMyAdmin/"
<Directory "C:/xampp/phpMyAdmin">
AllowOverride AuthConfig
Order allow,deny
Allow from all
Require all granted
</Directory>
Alias /webalizer "C:/xampp/webalizer/"
<Directory "C:/xampp/webalizer">
<IfModule php5_module>
<Files "webalizer.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
AllowOverride AuthConfig
Require all granted
</Directory>
</IfModule>
#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Deny from all
Allow from ::1 127.0.0.0/8 \
fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
fe80::/10 169.254.0.0/16
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
It's already giving you the answer.
Look at your second picture.
This setting can be configured in the file "httpd-xampp.conf"
How to "fix" this:
either: disable your proxy for local addresses
or:
1) open the file "\xampp\apache\conf\extra\httpd-xampp.conf" in a texteditor
2) replace "Allow from localhost" with "Allow from YOURLOCALIP" (2 times)
3) save the file
4) restart Apache
See http://www.apachefriends.org/f/viewtopic.php?t=32503#p131519 too
Edit:
It's in line 120-128:
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Deny from all
Allow from ::1 127.0.0.0/8 \
fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
fe80::/10 169.254.0.0/16 \
YOURLOCALIP <--------------------------------------------------------------
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Your security configuration for XAMPP is specified in the LocationMatch as chill0r mentioned, on lines 120-128.
Your configuration is allowing from ::1 127.0.0.0/8 \, fc00::/7 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, and fe80::/10 169.254.0.0/16 which will never be matched since you're using a proxy AND it's denying everything. This is where the Order statement comes in. It tells your configuration to match against deny first then allow, so it will always deny since you have Deny all.
You need to change your configuration so that it doesn't deny everything and allows at least your own IP. Since it sounds like your running a local dev environment and not exposing it, you can consider removing all restrictions:
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Allow from all
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
If you do this, configure your firewall prevent port 80 access from outside your network (this can be done on your machine or router). Alternatively, you can configure it to work for an IP range using a partial IP that includes your proxy:
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order allow,deny
Deny from all
Allow from 130.147.134
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Notice that the Order changed from deny,allow to allow,deny so it will check against the allow statement first.
I also noticed that the two requests were for different paths, the first one is "/" and the second is "/xampp/" and the latter is the one that wasn't refused.
In your IfModule alias_module you should add an alias:
Alias "/" "C:/xampp/htdocs/xampp"
This will help you get off the ground, but you'll need to make sure to learn about the directives, specifically Alias and AliasMatch as your routing gets more complicated. Alternatively, you could just develop in the C:/xampp/htdocs/ directory instead of C:/xampp/htdocs/xampp.
Before starting the XAMPP server make sure that other running services are closed like Skype and other servers which is using the same port number.
I had the same problem, the solution is easier than other answers.
1) Install XAMPP in your pc, in this case, Windows 8.
2) Start > Administrative Tools > Services > Web Deployment Agent service and press STOP.
Usually Web Deployment uses port 80 which is the port used by XAMPP by default. If you stop that process and write localhost in your web browser you should be able to access phpmyadmin.
Hope it helps :)
Follow the below Steps
In XAMPP on the Apache Module ,Select Config button httpd.conf
Comment "Deny from all" in the following section,
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
#Deny from all
Allow from ::1 127.0.0.0/8 \
fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
fe80::/10 169.254.0.0/16
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Restart the XAMPP (Important Step)
I am trying to alias this:
/htdocs/test/index.php
In my xampp/apache/conf/extra/httpd-xampp.conf, I have the following entry:
<IfModule alias_module>
<IfModule mime_module>
Alias /test/ "D:/Installation/xampp/htdocs/test"
<Directory "D:/Installation/xampp/test">
<IfModule php5_module>
<Files "index.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
Order allow,deny
Allow from all
</Directory>
</IfModule>
</IfModule>
When I go to http://localhost/test/, I get the directory listing shown. When I type in this URL- http://localhost/test/, I want to have this file- /test/index.php opened.
When I try to go to this URL directly "localhost/test/index.php", I get "Error 404 Object not found" message.
What am I doing wrong?
Find the section of your httpd-xampp.conf file with the following:
#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
DirectoryIndex index.html index.htm
</IfModule>
Add "index.php" to the DirectoryIndex line.
Apache Module mod_dir
Apache Display / Change a Default Page Other Than index.html