Store Perl CGI Scripts in any directory - apache

Is it possible to store perl scripts in any location like out side of the cgi-bin.
I would like to store them in my www folder instead or any folder under the www folder for viewing via browser e.g. (domain.com/index.pl) and not just limited to (domain.com/cgi-bin/index.pl)

You can store them in any directory you have configured Apache to execute CGI scripts in.
Options +ExecCGI
AddHandler cgi-script .cgi .pl
You can also use features such as mod_rewrite or alias to map a URL on to something in the cgi-bin

Related

How to add .htaccess rules inside <VirtualHost> or inside the httpd.conf file

A short explanation of what I'm doing is: I need to automatically create virtualhosts for each ip address on my machine, make it point to the vsftpd user directory (/home/xxx) and deny any kind of scripts from being executed.
I want to stop any kind of webpages and especially PHP scripts from being executed, because it would post a huge security risk(apache is sudo). The purpose of this virtualhost is purely to serve game resource files, extentions like .wav , .mdl , .tga , .spr and so on.
I searched around and found this
deny from all
<filesmatch "\.(avi¦wmv¦mpg¦mov)$">
Allow from all
</filesmatch>
But this is .htaccess content. How can I implement this functionality of only allowing certain extentions inside my httpd.conf file? It would be a pain to make it use .htaccess, and a risk because users might edit them.
Please refrain from any comments unrelated to my question, such as "sudo apache? you're a dumbass" and so on.
There is no such thing as .htaccess only content. The is a huge misconception. Most of time you do NOT want to use .htaccess and Apache recommends that you not use it unless necessary. Apache rules can always be put in the server config.
When not to use .htaccess
Now you can put that in your VirtualHost directive. The same location where your document root is defined.
The FilesMatch directive can be used in these context.
Context: server config, virtual host, directory, .htaccess
http://httpd.apache.org/docs/current/mod/core.html#filesmatch
So in your vhost file you can add a Directory directive like this example.
<Directory /path/to/documentroot/>
Deny from all
<FilesMatch "\.(avi|wmv|mpg|mov)$">
Allow from all
</FilesMatch>
</Directory>
If you are using Apache 2.4 then you need to use Require.
<Directory /path/to/documentroot/>
Require all denied
<FilesMatch "\.(avi|wmv|mpg|mov)$">
Require all granted
</FilesMatch>
</Directory>

Apache: /cgi-bin/my.cgi was not found on this server

I'm struggling to get my server to recognize cgi-bin in a URL.
If I place my cgi script in any site's root folder, it works perfectly without including cgi-bin in the URL. So my server is processing cgi correctly. If I attempt to use any cgi-bin configuration, it results in a 404 error.
I'm running it on a Mac server with OS 10.10. Ideally I would like to locate the cgi script in /Library/WebServer/CGI-Executables and address it as cgi-bin: Some.com/cgi-bin/my.cgi?yaddayadda .
In pursuit of that, I've edited Apache's httpd.conf file. It was already set with that as the path but resulted in the 404. Currently httpd.conf is:
# "/Library/WebServer/CGI-Executables" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
ScriptAlias /cgi-bin/ /Library/WebServer/CGI-Executables/
<Directory "/Library/WebServer/CGI-Executables">
AllowOverride None
Options +ExecCGI
AddHandler cgi-script .cgi .wsgi
</Directory>
# To allow CGI program execution for any file ending in .cgi in
# users' directories, you can use the following configuration.
#ScriptAlias /cgi-bin/ /home/*
# <Directory /home/*>
# Options +ExecCGI
# AddHandler cgi-script .cgi
# </Directory>
# If you wish designate a cgi-bin subdirectory of a user's directory
# where everything will be treated as a CGI program, you can use the following.
# ScriptAlias /cgi-bin/ /home/cgi-bin/
# <Directory /home/cgi-bin>
# AllowOverride None
# Options +ExecCGI
# AddHandler cgi-script .cgi
# </Directory>
As this shows, I've tried using a cgi-bin folder within the site folders as well. I've also added the .wsgi handler and gotten the same results with a Python Hello World. It too works from the root folder of any site. I just can't get it to refer to what I want as the cgi-bin. Even if I nest a cgi-bin folder inside CGI-Executables. I always get "The requested URL /cgi-bin/my.cgi was not found on this server."
I do restart Apache after every edit and have rebooted the whole machine several times. Nothing changes.
Unless I'm doing something wrong in my edits above, it's almost as if Apache is ignoring the httpd.conf. I don't know how to confirm that the file is being read when Apache starts. There is no other httpd.conf file located anywhere that should matter and those typically bear names that suggest they're from the past: httpd.conf.pre-update and httpd.conf-previous.
My best guess is that I have some error in the path or aliased path. I have tried every variation on them that I can come up with. The full path to my desired cgi-bin is: Server HD2/Library/WebServer/CGI-Executables. Or a cgi-bin folder within a site's root folder would be: Server HD2/Library/WebServer/Documents/TheSite/cgi-bin
I've also checked for any .htaccess files that could be overriding my edits. None found.
Thanks in advance for any suggestions.

How to allow files to be accessed by scripts but not the internet - Apache

I wish to set up an apache server running php. I want all the files in a particular folder (say /site/ ) to be accessible from www.example.com/ . However I wish the files in /site/data/ to be not visible through www.example.com/data/ . I want www.example.com/fun.php script to be able to read/write to /site/data/ . What is the best way to do this through premissions and the apache defalt file?
You need to set up your directory structure slightly differently to what you have proposed. Rather run your site under a directory like:
/site/html
and store your data under a directory like:
/site/data
configuring Apache to only serve files from /site/html and not /site/data
or if you are using a more traditional apache directory structure then put the files you want publicly accessible through the web server in:
/var/www/html
and the private data files you only want your application to have access to in something like:
/var/www/data
Your Apache conf file will then contain something like:
DocumentRoot "/var/www/html"
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
This way the files in /var/www/data will not be publicly accessible but these files can still be accessed by php scripts in /var/www/html/
Disable Apache directory listings by putting this in your .htaccess file under /site/data
Options -Indexes

Apache local configuration to resolve files correctly

I have just configured Apache and PHP to work on my local Mac OS X computer. Now PHP works fine, except when I try to load the files for my live sites. The live sites have separate directories and are sorted by client name etc.
I've created symlinks in the default root for the local web server documents. My issue is that Apache doesn't seem to want to load any of the relative paths that are found in the HTML pages. For example, I have src="/css/main.css" but Apache doesn't load the file, similarly for images, it just resolves as a file not found 404 error. I then thought it might be the symlinks so I copied the full directory into the Apache document root, and still had the same result.
I would really love to setup my local development environment to run Apache, PHP, MySQL to develop locally then publish when ready. I also tried the MAMP installation, and had the same issues.
First you might want to try using src="./css/main.css".
When dealing with multiple live sites I like to setup a single configuration file for each site with apache and then load them all together in the httpd.conf file.
for my setup it looks like this:
in
/etc/apache2/httpd.conf
I have:
# Begin virtual host directives.
Include conf/bortreb.conf
Include conf/rlmcintyre.conf
Include conf/laserkard.conf
Include conf/judyates.conf
and then in
/etc/apache2/conf/judyates.conf
I have:
<VirtualHost *:80>
#localhost site
ServerAdmin email#example.com
DocumentRoot "/home/r/Desktop/web/judyates"
ServerName localhost
ServerAlias judyates.localhost
ErrorLog "/home/r/Desktop/web/judyates/log/error_log.log"
ScriptAlias /cgi-bin/ "/home/r/Desktop/web/judyates/cgi-bin/"
<Directory "/home/r/Desktop/web/judyates">
Options Indexes FollowSymLinks
Options +ExecCGI
AddHandler cgi-script cgi pl py
AllowOverride Options
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
#live site
ServerAdmin email#example.com
DocumentRoot "/home/r/Desktop/web/judyates"
ServerName judyates.com
ServerAlias *.judyates.com
ErrorLog "/home/r/Desktop/web/judyates/log/error_log.log"
ScriptAlias /cgi-bin/ "/home/r/Desktop/web/judyates/cgi-bin/"
<Directory "/home/r/Desktop/web/judyates">
Options Indexes FollowSymLinks
Options +ExecCGI
AddHandler cgi-script cgi pl py
AllowOverride Options
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
This way works really well, because you can set the subdomain yoursite.localhost
to loop back to your home ip address.
With this setup, when I work on judyates.com on my computer and want to test anythig, I just go to judyates.localhost in my web browser.
I have about 5 other sites all set up this way in their own *.conf file, so they can each live in their own directories on my computer that exactly match the directories they'll be in on the server.
The key is to use virtual hosts to go to different sites based on the subdomain.
You can learn how to configure subdomains that point to yourself here:
http://digitalpbk.blogspot.com/2007/01/making-subdomains-on-localhost.html
My setup goes even one step further because I setup the server too. Whenever I want to update I load both the webfiles AND the apache config files, and that way the server exactly mirrors my local setup. The only difference is that the real judyates.com points to the server and not my home computer, so when people try to visit the site they get everything from the server.
Have you tried src="css/main.css"? That is, without the leading slash? If you have a leading slash there your files would have to be in a directory named css that was in the root directory of the webserver, and if I understand you correctly that's not the case.
EDIT: OK, from reading your comments it seems like you are not quite clear on how relative urls work. "/css/main.css" is not relative to the page's location in the directory tree. It means a file named "main.css" in a directory named "css" in the root directory of the webserver. When you put your files on the deployment server your css directory is at the webserver's root directory. But it sounds like you are currently putting the css directory in a subdirectory named for the client... so your css file is now living at "/clientname/css/main.css".
If I understand you correctly, you can do what you want by using relative urls. If your html file is in the same directory as the css directory you would need "css/main.css". If it's in a subdirectory of the directory that contains the css directory you would need "../css/main.css"- the ".." means the parent directory of the current directory. If you use relative urls they will continue to work as long as the relationship between the files doesn't change.
Here's a page on the subject that explains it adequately, I think: http://www.webreference.com/html/tutorial2/3.html. Was pretty much the first thing I found in Google though, so there are likely better explanations out there.
There are a number of Apache directives that you could use to do this, but if using relative urls would work for you (and if I understand you correctly it would) then that's likely to be a lot simpler and less likely to cause you further trouble.

How do I conditionally add a line to Apache .htaccess based on the domain?

My local development PC is set up to use PHP5 by default, my client's host (1and1.co.uk) is set up to use PHP4 by default.
To enable PHP5 on a 1and1 account, you must add the following line to your .htaccess file:
AddType x-mapp-php5 .php
If I add this line to my local .htaccess file, it breaks my PHP.
How do I add this line conditionally based on the domain (or some other parameter?) so it is only executed by the live site and not my dev site?
I'd like to be able to just upload (FTP) my entire source tree without worrying about having to remember to edit the .htaccess on the server ever time.
e.g.
<IfDomain www.example.com>
AddType x-mapp-php5 .php
</IfDomain>
... rest of .htaccess
Is this possible?
I don't have access to the server config file, only .htaccess
Thanks in advance.
To others looking at this, and using a local server with virtualhost directives: took me a while, and none of the methods found online worked (probably because my MAMP apache version is not 2.4 yet or something), but this one did.
Forget about adding 'conditional' lines to your .htaccess file: you can define which .htaccess file to use in your virtualhost setting!
So just create a file .htaccess_dev, and add this line to your virtualhost definition on your local / dev machine:
AccessFileName .htaccess_dev
So it becomes something like this:
<virtualhost>
ServerName www.example.local
DirectoryRoot /var/www/www.example.local
AccessFileName .htaccess_dev
</virtualhost>
Try this. I have no idea whether it'll work. The terminology used in the documentation suggests that it should, but since no one ever does what you're trying to do, it's a little up in the air.
<Location http://www.example.com/>
AddType x-mapp-php5 .php
</Location>
I know that you can do server-specific commands in httpd.conf using the VirtualHost tag. (http://httpd.apache.org/docs/1.3/vhosts/ip-based.html)
While I'm not 100% sure that you can use this in a .htaccess file, I would suggest trying the following:
<VirtualHost www.example.com>
AddType x-mapp-php5 .php
</VirtualHost>
You can use the VirtualHost directive to accomplish this. I just did the same when I wanted django with mod_python to run only at a subdomain
<VirtualHost *:80>
DocumentRoot /www/docs/path
ServerName www.example.com
....
AddType x-mapp-php5 .php
</VirtualHost>