.htaccess - Deny all except one folder - apache

I am trying to deny all connections to my website using .htaccess that looks something like this:
ErrorDocument 403 /errors/403\.php
SetEnvIfNoCase Request_URI "^/errors/403\.php$" HANDLE403
order deny,allow
deny from all
allow from 188.167.150.5
allow from 78.145.188.71
allow from env=HANDLE403
AddType application/x-httpd-php53 .php
AddType application/x-httpd-php5 .php52
AddType application/x-httpd-php .php4
The .htaccess file is stored in the root folder of my ftp and this works fine, however I want to use custom Error 403 page which is saved in Errors folder on the same ftp, so basically it gets blocked too. I have tried to create a new .htaccess in the Errors folder (as suggested in other topics) with this code:
order allow,deny
allow from all
AddType application/x-httpd-php53 .php
AddType application/x-httpd-php5 .php52
AddType application/x-httpd-php .php4
But it still doesn't work and I get just the default 403 page with "Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request."
Any idea how I could fix this, so that the error files are accessible by all, while the rest is denied for all except few specific IPs?

Use your custom handler like this:
ErrorDocument 403 /errors/403.php
order deny,allow
deny from all
allow from 188.167.150.5
allow from 78.145.188.71

Related

Drupal html files under sites/default/files/* is downloading but executing

Drupal html files under sites/default/files/* is downloading but executing.
Note: .htaccess file under sites/default/files/ is with default setting as below:
Turn off all options we don't need.
Options None
Options +FollowSymLinks
Set the catch-all handler to prevent scripts from being executed.
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
<Files *>
# Override the handler again if we're run later in the evaluation list.
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003
</Files>
If we know how to do it safely, disable the PHP engine entirely.
<IfModule mod_php5.c>
php_flag engine off
</IfModule>
Fixed after adding a .htaccess file with below
ForceType text/html
Header set Content-Disposition inline

Apache httpd bad request when accessing by ip address - Review Board

I have setup Review Board and it works fine when accessed from localhost.
When I try to access it by ip (from LAN), I get BAD REQUEST.
I have copied apache-wsgi.conf to my apache conf directory.
apache-wsgi.conf
<VirtualHost *:8088>
ServerName localhost
DocumentRoot "/var/www/reviews.als.kz/htdocs"
# Error handlers
ErrorDocument 500 /errordocs/500.html
WSGIPassAuthorization On
WSGIScriptAlias "/reviews" "/var/www/reviews.als.kz/htdocs/reviewboard.wsgi/reviews"
<Directory "/var/www/reviews.als.kz/htdocs">
AllowOverride All
Options -Indexes +FollowSymLinks
Require all granted
</Directory>
# Prevent the server from processing or allowing the rendering of
# certain file types.
<Location "/reviews/media/uploaded">
SetHandler None
Options None
AddType text/plain .html .htm .shtml .php .php3 .php4 .php5 .phps .asp
AddType text/plain .pl .py .fcgi .cgi .phtml .phtm .pht .jsp .sh .rb
<IfModule mod_php5.c>
php_flag engine off
</IfModule>
</Location>
# Alias static media requests to filesystem
Alias /reviews/media "/var/www/reviews.als.kz/htdocs/media"
Alias /reviews/static "/var/www/reviews.als.kz/htdocs/static"
Alias /reviews/errordocs "/var/www/reviews.als.kz/htdocs/errordocs"
Alias /reviews/favicon.ico "/var/www/reviews.als.kz/htdocs/static/rb/images/favicon.png"
I have installed reviewboard into /var/www/reviews.als.kz directory.
Chown-ed it to apache:apache.
I run it on Fedora 21.
Review Board version 2.0.12
Apache httpd version 2.4.10
Thanks
The problem had been with python settings.
Added my ip address to ALLOWED_HOSTS within settings_local.py file and everything worked.
Thanks
I had the same problem. When you configure your reviewboard, you have to give it a site name . Some thing like "reviewboard.mycompany.com". It doesn't have to be a registered name just make up something.
Then when you try to access the reviewboard main page, use the site name (reviewboard.mycompany.com) as the URL. You'll of course need to add the made-up hostname to to your /etc/hosts so your machine can resolve the address.
Create a host entry / DNS entry with the site name. like
reivews.mycompany.com x.x.x.x
It's worked for me.
I had the same problem.
Fixed it by adding this line to my httpd.conf :
HttpProtocolOptions unsafe

Need help migrating apache directives to nginx

To keep it simple, I'm trying to find the nginx alternative to the following apache htaccess directives:
<Files track>
SetHandler application/x-httpd-php
</Files>
<Files ttrack>
SetHandler application/x-httpd-php
</Files>
<Files qtrack>
SetHandler application/x-httpd-php
</Files>
I have several of these directives, and it is not possible to rename the files with a php extension so that's out of the question. I just need to know how I can get these extensionless files to be run as php scripts.
If I'm not wrong (it's several years I don't use Apache), you can try:
location /(track|ttrack|qtrack) {
// the stuff to use php-cgi like:
fastcgi_pass upstreamServerPool;
// ...
}
This will match all requests for url like /track or /ttrack or /qtrack.

Wamp Server Not Parsing htm Files As PHP

I know this question has been already asked here. I am trying to use a script in my localhost. The script contains .htm files and an .htaccess file with the following code to parse those .htm files as PHP.
AddHandler application/x-httpd-php5 .htm .php .html
Now this is not working at all and i get a blank web page whenever i run it from my localhost. i.e "localhost/paystill_enterprise" and it give me blank webpage.
Now i have tried every solution i could find on internet like editing httpd.conf file etc. Here are some of the solutions i have tried.
1- I have tried editing httdp.conf and have added the following code one by one
<IfModule mime_module>
AddType application/x-httpd-php .php
AddType application/x-httpd-php .html
AddType application/x-httpd-php .htm
AddType application/x-httpd-php .txt
</IfModule>
<FilesMatch "\.html$">
ForceType application/x-httpd-php
</FilesMatch>
<FilesMatch "\.htm$">
ForceType application/x-httpd-php
</FilesMatch>
2- Tried adding these lines of code one by one in my .htaccess file
AddType application/x-httpd-php .html .htm
AddType application/x-httpd-php5 .html .htm
RemoveHandler .html .htm
AddType application/x-httpd-php .php .htm .html
No matter what i use, always get a blank page for "localhost/paystill_enterprise".
Note:
Sometimes it also happens that when i type the address "localhost/paystill_enterprise", the browsers asks me to save the file i.e the browser tries to download it.
Any suggestions?
The one time I did this all I did was add these 2 instructions to me .htaccess file.
AddHandler application/x-httpd-php .html
DirectoryIndex index.html index.php
So remove all your other changes and try just this one change as your other chnages may interfere with this.

How to select file in subdirectory by "files" directive?

I want to compile PHP code in specific .htm file, if file located at root directory of domain I can add
<Files file.htm>
AddType application/x-httpd-php5 .htm
</Files>
to .htaccess, but what should I do if file located at another directory(/sub/file.htm, for example)?
Maybe it could be done if your are using httpd 2.4 which has <if> supports
<If "%{PATH_INFO} =~ /.*\/sub\/(file|anotherfile|andanother)\.htm/">
AddType application/x-httpd-php5 .htm
</If>
Maybe you want to use the httpd.conf instead of .htaccess file. You could then use <Location>-directive in this case:
<Location /sub/file.htm>
AddType application/x-httpd-php5 .htm
</Location>
Note that if you want to use a regexp to match the location you need to write a ~ before the location or use the <LocationMatch>-directive.
E.g.:
<Location ~ "/sub/(file|anotherfile|andanother).htm">
AddType application/x-httpd-php5 .htm
</Location>
EDIT:
Another possible solution (also only in virtualhost-config) should be a combined <Directory> and <Files>-directive:
<Directory /sub>
<Files file.htm>
AddType application/x-httpd-php5 .htm
</Files>
</Directory>
Try FilesMatch:
<FilesMatch "file.htm$">
AddType ...
</Files>
It applies a regex to the filename, so this'll match any file path which has "file.htm" at the end. It'd apply to any file in any directory that ends with "file.html". Note that this would also match on "somefile.htm" and "/subdir/somefile.htm". If you've got other files in your site tree that could trigger this, you'll have to mod the regex to exclude them.