I have a problem in configuring my Apache. This litte indian is something headstrong.
My Application is located under /var/www/myapp/
There are 3 Elements:
./index.cgi - a python cgi script correctly working
./Application/ - a directory, which should be not public. contains include packages for index.cgi
./Public/ - a directory, public. contains javascripts, css files, images e.q.
My current VirtualHost configuration looks like:
DocumentRoot /var/www/myapp/
Alias /Public/* "/var/www/myapp/Public/*"
<Location "/myapp/*">
Options FollowSymLinks
Order allow,deny
Allow from all
</Location>
ScriptAlias "/index.cgi" "/var/www/myapp/index.cgi"
So /Public is public as wished, index.cgi runs. But: /Application is accessible. How do I lock this directory?
Second thing is: index.cgi should run, when I call www.mydomain.com/ or www.mydomain.com/index.cgi. Nothing else but URI parameters. How do I do that?
Thanks in advance,
BigM
You can verify the permissions in the files, but I think that the problem is that you don't have an alias for the Application folder in your Apache Configuration File.
Related
How do I disable single option override in specific folder in Apache? I'd like to force DirectoryIndex value in specific folder, so DirectoryIndex option in .htaccess of that folder will be ignored. I'd expect configuration should look somehow similar, but neither works:
<Directory "/home/me/www/symfonyProject1">
DirectoryIndex app_dev.php
AllowOverride -Indexes
</Directory>
or this
<Directory "/home/me/www/symfonyProject1">
DirectoryIndex app_dev.php
AllowOverride Options=-DirectoryIndex
</Directory>
Is this even possible? How could I achieve that?
Using: Apache/2.2.8 (Win32) & Windows 7 x64
The only possiblility, even though it is definitely not kosher, is to let .htaccess be ignored by versioning system locally. Then you can change as you wish to adapt you instance.
In case you need to change original .htaccess, you must do following (for GIT):
backup your modified .htaccess file
Comment out line .htaccess in file .git/info/exclude
do git checkout -- .htaccess to retrieve original file
modifiy and commit changes
Uncomment .htaccess line in .git/info/exclude
Copy modified .htaccess from backup to working tree
I did not get this working with the <Directory> tag in httpd.conf but it was working if I did the following:
In /home/me/www/symfonyProject1 create a .htaccess file and put DirectoryIndex app_dev.php in it.
This should work as long as you AllowOverride All (Or more narrow if needed) in the parent configuration.
Here is my directory structure
root
private
public
Using .htaccess and/or httpd.conf, I want to limit access to the private folder to only code executed from the root folder. So, no external access to anything in the private folder. Honestly, I have tried a lot of options, but nothing seems to work.
My test environment is XAMPP - installed on my local machine.
EDIT
One of the issues I encountered was using the wrong directory path. I created a simple PHP page with just phpinfo()
<?php
phpinfo();
?>
In the PHP Variables section, I looked for _SERVER["CONTEXT_DOCUMENT_ROOT"]. I used this for the directory path and then added private (the folder in the root that I wanted to limit access to). Thus, my completed code in the httpd.conf is below:
<Directory "E:/xampp/htdocs/home/private">
Order deny,allow
Deny from all
</Directory>
Using Order deny,allow and Deny from all should be already sufficient
Order deny,allow
Deny from all
If you put this in a .htaccess in the private folder, all access from outside will be prohibited.
Alternatively, you can put it in a <Directory /path/to/root/private> in httpd.conf, which has the same effect
<Directory /path/to/root/private>
Order deny,allow
Deny from all
</Directory>
Update:
According to Apache HTTP Server Tutorial: .htaccess files you should prefer httpd.conf over .htaccess files
You should avoid using .htaccess files completely if you have access to httpd main server config file. Using .htaccess files slows down your Apache http server. Any directive that you can include in a .htaccess file is better set in a Directory block, as it will have the same effect with better performance.
I wish to set up an apache server running php. I want all the files in a particular folder (say /site/ ) to be accessible from www.example.com/ . However I wish the files in /site/data/ to be not visible through www.example.com/data/ . I want www.example.com/fun.php script to be able to read/write to /site/data/ . What is the best way to do this through premissions and the apache defalt file?
You need to set up your directory structure slightly differently to what you have proposed. Rather run your site under a directory like:
/site/html
and store your data under a directory like:
/site/data
configuring Apache to only serve files from /site/html and not /site/data
or if you are using a more traditional apache directory structure then put the files you want publicly accessible through the web server in:
/var/www/html
and the private data files you only want your application to have access to in something like:
/var/www/data
Your Apache conf file will then contain something like:
DocumentRoot "/var/www/html"
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
This way the files in /var/www/data will not be publicly accessible but these files can still be accessed by php scripts in /var/www/html/
Disable Apache directory listings by putting this in your .htaccess file under /site/data
Options -Indexes
I have a folder with a lot of .php files. I would like to deny access to them (using .htaccess). I know an option is to move this folder outside public_html, but this is not possible in this situation.
Is is possible to block access to a whole folder?
Add this to the .htaccess file:
order deny,allow
deny from all
Apache 2.4 now uses a different way to do this so the method that works for Apache 2.2 will not work. See below for the method that will work for Apache 2.4. Place this in your Apache .htaccess file or better yet in a <Directory> directive in the Apache .conf file for your site.
Using .htaccess:
If using Apache 2.2:
order deny,allow
deny from all
If using Apache 2.4 use:
Require all denied
Using Apache Configuration files:
Instead of using a .htaccess file, it is usually preferred to place the configuration directly in your Apache .conf file as follows:
<Directory "/var/www/mysite">
Require all denied
</Directory>
Or if using a virtual host:
<VirtualHost *:80>
### Other configuration here ###
<Directory "/var/www/mysite">
Require all denied
</Directory>
### Other configuration here ###
</VirtualHost>
Of course the above configurations are examples, and you will need to adjust according to your requirements.
Create .htaccess file inside the desired folder with the following contents:
Deny from all
Edit apache2.conf or httpd.conf, whatever you find in Apache2 directory (probably located in /etc/apache2). You'll need to edit/check the following:
AllowOverride ALL (in the related <Directory> tag)
AccessFileName .htaccess
Edit your site's configuration file only in case you have a <Directory> tag specified inside it and add the following line:
AllowOverride ALL
Restart your Apache2 server
service apache2 restart
The above steps are all meant for Linux environments. The same instructions would work well for Windows environments except for the paths and the server restart command.
Reference: http://www.cyberciti.biz/faq/apache-htaccess/
Just add a .htaccess file with the code Deny from all to the folder.
More info at http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html
I have just configured Apache and PHP to work on my local Mac OS X computer. Now PHP works fine, except when I try to load the files for my live sites. The live sites have separate directories and are sorted by client name etc.
I've created symlinks in the default root for the local web server documents. My issue is that Apache doesn't seem to want to load any of the relative paths that are found in the HTML pages. For example, I have src="/css/main.css" but Apache doesn't load the file, similarly for images, it just resolves as a file not found 404 error. I then thought it might be the symlinks so I copied the full directory into the Apache document root, and still had the same result.
I would really love to setup my local development environment to run Apache, PHP, MySQL to develop locally then publish when ready. I also tried the MAMP installation, and had the same issues.
First you might want to try using src="./css/main.css".
When dealing with multiple live sites I like to setup a single configuration file for each site with apache and then load them all together in the httpd.conf file.
for my setup it looks like this:
in
/etc/apache2/httpd.conf
I have:
# Begin virtual host directives.
Include conf/bortreb.conf
Include conf/rlmcintyre.conf
Include conf/laserkard.conf
Include conf/judyates.conf
and then in
/etc/apache2/conf/judyates.conf
I have:
<VirtualHost *:80>
#localhost site
ServerAdmin email#example.com
DocumentRoot "/home/r/Desktop/web/judyates"
ServerName localhost
ServerAlias judyates.localhost
ErrorLog "/home/r/Desktop/web/judyates/log/error_log.log"
ScriptAlias /cgi-bin/ "/home/r/Desktop/web/judyates/cgi-bin/"
<Directory "/home/r/Desktop/web/judyates">
Options Indexes FollowSymLinks
Options +ExecCGI
AddHandler cgi-script cgi pl py
AllowOverride Options
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
#live site
ServerAdmin email#example.com
DocumentRoot "/home/r/Desktop/web/judyates"
ServerName judyates.com
ServerAlias *.judyates.com
ErrorLog "/home/r/Desktop/web/judyates/log/error_log.log"
ScriptAlias /cgi-bin/ "/home/r/Desktop/web/judyates/cgi-bin/"
<Directory "/home/r/Desktop/web/judyates">
Options Indexes FollowSymLinks
Options +ExecCGI
AddHandler cgi-script cgi pl py
AllowOverride Options
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
This way works really well, because you can set the subdomain yoursite.localhost
to loop back to your home ip address.
With this setup, when I work on judyates.com on my computer and want to test anythig, I just go to judyates.localhost in my web browser.
I have about 5 other sites all set up this way in their own *.conf file, so they can each live in their own directories on my computer that exactly match the directories they'll be in on the server.
The key is to use virtual hosts to go to different sites based on the subdomain.
You can learn how to configure subdomains that point to yourself here:
http://digitalpbk.blogspot.com/2007/01/making-subdomains-on-localhost.html
My setup goes even one step further because I setup the server too. Whenever I want to update I load both the webfiles AND the apache config files, and that way the server exactly mirrors my local setup. The only difference is that the real judyates.com points to the server and not my home computer, so when people try to visit the site they get everything from the server.
Have you tried src="css/main.css"? That is, without the leading slash? If you have a leading slash there your files would have to be in a directory named css that was in the root directory of the webserver, and if I understand you correctly that's not the case.
EDIT: OK, from reading your comments it seems like you are not quite clear on how relative urls work. "/css/main.css" is not relative to the page's location in the directory tree. It means a file named "main.css" in a directory named "css" in the root directory of the webserver. When you put your files on the deployment server your css directory is at the webserver's root directory. But it sounds like you are currently putting the css directory in a subdirectory named for the client... so your css file is now living at "/clientname/css/main.css".
If I understand you correctly, you can do what you want by using relative urls. If your html file is in the same directory as the css directory you would need "css/main.css". If it's in a subdirectory of the directory that contains the css directory you would need "../css/main.css"- the ".." means the parent directory of the current directory. If you use relative urls they will continue to work as long as the relationship between the files doesn't change.
Here's a page on the subject that explains it adequately, I think: http://www.webreference.com/html/tutorial2/3.html. Was pretty much the first thing I found in Google though, so there are likely better explanations out there.
There are a number of Apache directives that you could use to do this, but if using relative urls would work for you (and if I understand you correctly it would) then that's likely to be a lot simpler and less likely to cause you further trouble.