apache ScriptAlias cgi-bin directory - apache

this has been a problem for me for days and I haven't been able to solve it.
I'm working on fedora 14 and using Apache/2.2.17 (Unix)
the document root is /var/www and it is well configured in my httpd.conf
I have several folders inside /var/www that have perl files that require CGI to be run and instead, sometimes the perl file is offered as download and sometimes an error 500 appears
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, root#localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
the cgi_module is being loaded and even if I use ScriptAlias, and the directory tag, the file is still not being ran a script.
I even tried to create a virtual host and it doesnt work.
For instance, if I want a directory called "pyl" located inside the apache root (/var/www) what would the lines for httpd.conf be?

Indeed, check the error log (/var/log/apache2/error.log ?), check your file and dir permissions.
Also make sure your ScriptAlias directive is updated correctly.
So, have a look in your site config file (i.e. sites-available/default) and change this:
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
.. to this:
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
<Directory "/var/www/cgi-bin">
.. and reload apache2.

This solution applies to Apache2.4.51 version or may others. The directory structure can change with versions.
Make a change the default CGI config file below:
nano /etc/apache2/conf-available/serve-cgi-bin.conf
Change:
ScriptAlias /cgi/ /home/user/your-folder
<Directory "/home/user/your-folder">
Move your *.cgi, *.py, *.sh, etc files to your folder
Apply chmod 755 to your folder:
chmod 755 /your-folder
Restart apache2:
systemctl restart apache2
Sample pyhton code that you can run:
nano /home/user/your-folder/pythonapp.py
Code:
#!/usr/bin/python3
print("Content-type:text/html")
print()
print("""
<!doctype html>
<html><head></head><title>CGI-Python</title>
<body> Python App </body>
</html>
""")
Save and run your url:
server-ip-or-host/cgi/pythonapp.py

Related

403 Forbidden : Apache not working after moving document root folder to iCloud drive

So i'm using MacOS Catalina and my Apache environment was running sweet until i decided to move my document root to the iCloud drive, to keep it backed up.
Before my document root was :
/users/admin/www
And now it is
/users/admin/Library/Mobile Documents/com~apple~CloudDocs/www
I edited httpd.conf accordingly :
DocumentRoot "/users/admin/Library/Mobile Documents/com~apple~CloudDocs/www"
<Directory "/users/admin/Library/Mobile Documents/com~apple~CloudDocs/www">
Options FollowSymLinks Multiviews SymLinksIfOwnerMatch
MultiviewsMatch Any
AllowOverride All
Require all granted
</Directory>
<Directory "/users/admin/Library/Mobile Documents/com~apple~CloudDocs/www/myfolder">
Options +FollowSymLinks +Multiviews +SymLinksIfOwnerMatch
MultiviewsMatch Any
AllowOverride All
Allow from All
Require all granted
</Directory>
Restarted Apache, restarted the machine but now i can access 127.0.0.1, EXCEPT one specific folder (let's call it www/myfolder). When i try to access 127.0.0.1/myfolder, i get the error below :
Forbidden
You don't have permission to access / on this server.
Checking the apache log file, this is the error i'm getting :
[Thu Oct 24 14:00:24.830700 2019] [access_compat:error] [pid 61703] [client 127.0.0.1:57804] AH01797: client denied by server configuration: /users/admin/Library/Mobile Documents/com~apple~CloudDocs/www/myfolder/public_html/
What am i missing here ? Please help, i need to work :D
First thing I am seeing is that you are using Apache 2.4 style syntax in your directory block, but then in your error log the module throwing the error is
access_compat. Per the Apache documentation:
The directives provided by mod_access_compat have been deprecated by mod_authz_host. Mixing old directives like Order, Allow or Deny with new ones like Require is technically possible but discouraged. This module was created to support configurations containing only old directives to facilitate the 2.4 upgrade
Next clue is the error code: AH01797. This is caused by a server configuration issue:
Client denied by server configuration
This error means that the access to the directory on the file system was denied by an Apache configuration.
I am assuming here that you are actually using 2.4, and that access_compat is enabled by mistake.
Take a look through your configuration files again, and find the LoadModule directive that is loading mod_access_compat, and comment it out. It might be in your httpd.conf file, but there are numerous different styles of organizing and configuring an Apache install, so it could be elsewhere. If you have a Debian-style install, you need to remove the symbolic link /etc/apache2/mods_enabled/mod_access_compat. Grep -R access_compat * might help.
EDIT 2 more observations:
In the second directory stanza, you have
Allow from all
Require all granted
Which is mixing old directive syntax with new, and is also redundant. Disable access_compat again, and also remove that Allow from all line before restarting Apache.
I don't think the second directory stanza is even necessary. You could probably delete the whole block and restart the server, and it would work.
First try (1) by disabling access_compat and removing that Allow directive from your httpd.conf file, and restart apache using apache2ctl -k graceful. If that doesn't work, comment out the entire second directory stanza and restart again.
I am about 50% sure this will fix it. If it doesn't then I will really need to see your entire httpd.conf file before I can troubleshoot further.

Apache won't autoindex

Oracle Linux 7.3 (RHEL derivative)
Apache 2.4.6
I'm setting up a repository in /srv/www for yum, scripts, and kickstart files, served via httpd. I want an auto-index, so I don't have any index.html. And, this is the only thing this internal server will do. So, httpd.conf:
DocumentRoot "/srv/www"
<Directory "/srv/www">
AllowOverride all
Options Indexes FollowSymLinks
Require all granted
</Directory>
However, I still get the error message:
[autoindex:error] [pid 12345] [client <IP address>:<port>] AH01276: Cannot serve directory /srv/www: No matching DirectoryIndex (index.html) found, and server-generated directory index forbidden by Options directive.
Except that the Options directive allows auto-indexing! I've tried Options All. I've tried Options +Indexes +FollowSymLinks. I've looked at 7 or 8 Google hits. Nothing is working.
Setting LogLevel debug doesn't increase messaging.
What have I missed?
As noted here, in the absence of an index.html (or other configured index file), the welcome page configured at /etc/httpd/conf.d/welcome.conf will take precedence over other configurations via its LocationMatch directive. Rename the file so it doesn't end in .conf and auto-indexing works.
Obviously landing in another virtualhost or Directory without indexes enabled, or a .htaccess getting in the way.
Set "AllowOverride none" first, since it is absurd to have it active if you are not using any .htaccess file (and since you have access to the main server you don't need it). Once you set AllowOverride, restart the server in case you added Indexes recently and didn't restart to apply changes.
If the issue persists, run apachectl -S and make sure you are landing in the correct virtualhost.
I just want to add that, after updating my mac to Catalina, my apache stopped working with that same error.
I had to:
uncomment the required modules (php7, rewrite, directory, etc...)
add a + sign to the Options (Options +FollowSymLinks +Multiviews +Indexes)
This worked for me.
Solution:
Ensure two apache modules are running:
mod_autoindex.so
mod_dir.so
In your case, mod_autoindex.so is running. Now enable the second one.
PS: Keep Options -Indexes. It's important. It makes sure that directory listings are disabled, as you shouldn't allow anyone to pay a visit to every directory on your server (some with rather private content such as CMS's directories).

Apache Doesn't Detect CGI Script

I am running ubuntu with apache2. I have already edited my httpd.conf file to say...
ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/
I have also created a bash script and made it executable, and placed it within within the /usr/local/apache2/cgi-bin/ directory. However, when I send...
http://[domain]/cgi-bin/vlc-http.cgi?226625
I get a standard apache 404 URL not found error. I have no idea how to troubleshoot the situation, since I am new to apache and cgi.
Extra-Information: If I send an http request to /cgi-bin/ then apache tells me I don't have permission to access.

.htaccess ErrorDocument 404 not showing up

I have a server from AWS EC2 service running on Linux ubuntu and I have installed apache, php, and mysql.
I have added a .htaccess file in my document root /var/www/html.
I entered this code in it:
ErrorDocument 404 /var/www/html/404.php and it is still not showing up.
I kept entered this command multiple times: sudo service httpd restart to restart the server but no changes displayed...
How can I fix this... Did I do something wrong?
First, note that restarting httpd is not necessary for .htaccess files. .htaccess files are specifically for people who don't have root - ie, don't have access to the httpd server config file, and can't restart the server. As you're able to restart the server, you don't need .htaccess files and can use the main server config directly.
Secondly, if .htaccess files are being ignored, you need to check to see that AllowOverride is set correctly. See http://httpd.apache.org/docs/2.4/mod/core.html#allowoverride for details. You need to also ensure that it is set in the correct scope - ie, in the right block in your configuration. Be sure you're NOT editing the one in the block, for example.
Third, if you want to ensure that a .htaccess file is in fact being read, put garbage in it.
An invalid line, such as "INVALID LINE HERE", in your .htaccess file, will result in a 500 Server Error when you point your browser at the directory containing that file. If it doesn't, then you don't have AllowOverride configured correctly.
Enable Apache mod_rewrite module
a2enmod rewrite
add the following code to /etc/apache2/sites-available/default
AllowOverride All
Restart apache
/etc/init.d/apache2 restart
If you have tried all of the above, which are all valid and good answers, and your htaccess file is not working or being read change the directive in the apache2.conf file. Under Ubuntu the path is /etc/apache2/apache2.conf
Change the <Directory> directive pointing to your public web pages, where the htaccess file resides. Change from AllowOverride None to AllowOverride All
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
I had the same problem and found the answer and explanation on the Ubuntu Ask! forum https://askubuntu.com/questions/421233/enabling-htaccess-file-to-rewrite-path-not-working
For Ubuntu,
First, run this command :-
sudo a2enmod rewrite
Then, edit the file /etc/apache2/sites-available/000-default.conf using nano or vim using this command :-
sudo nano /etc/apache2/sites-available/000-default.conf
Then in the 000-default.conf file, add this after the line DocumentRoot /var/www/html. If your root html directory is something other, then write that :-
<Directory "/var/www/html">
AllowOverride All
</Directory>
After doing everything, restart apache using the command sudo service apache2 restart
Most probably, AllowOverride is set to None. in Directory section of apache2.conf located in /etc/apache2 folder
Try setting it to AllowOverride All
Just follow 3 steps
Enable mode_rewrite using following command
sudo a2enmod rewrite
Password will be asked. So enter your password
Update your 000-default.conf or default.conf file located at /etc/apache2/sites-available/ directory. you can not edit it directly. so use following command to open
sudo gedit /etc/apache2/sites-available/000-default.conf
Or
sudo gedit /etc/apache2/sites-available/default.conf
you will get
DocumentRoot /var/www/html
OR
DocumentRoot /var/www
line. Add following code after it.
<Directory /var/www/html/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
Make user the directory tag path is same as shown in your file.
Restart your apache server using following command
sudo service apache2 restart
In my experience, /var/www/ directory directive prevents subfolder virtualhost directives. So if you had tried all suggestions and still not working and you are using virtualhosts try this ;
1 - Be sure that you have
AllowOverride All directive in
/etc/apache2/sites-available/example.com.conf
2 - Check /var/www/ Directory directives in /etc/apache2/apache2.conf (possibly at line 164), which looks like ;
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
If there is an AllowOverride None directive change it to
AllowOverride All or just escape line
By default, Apache prohibits using an .htaccess file to apply rewrite rules, so
Step 1 — Enabling mod_rewrite (if not Enabled)
First, we need to activate mod_rewrite. It's available but not enabled with a clean Apache 2 installation.
$ sudo a2enmod rewrite
This will activate the module or alert you that the module is already enabled. To put these changes into effect, restart Apache.
$ sudo systemctl restart apache2
mod_rewrite is now fully enabled. In the next step we will set up an .htaccess file that we'll use to define rewrite rules for redirects.
Step 2 — Setting Up .htaccess
Open the default Apache configuration file using nano or your favorite text editor.
$ sudo nano /etc/apache2/sites-available/000-default.conf
Inside that file, you will find a block starting on the first line. Inside of that block, add the following new block so your configuration file looks like the following. Make sure that all blocks are properly indented.
/etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
. . .
</VirtualHost>
Save and close the file. To put these changes into effect, restart Apache.
$ sudo systemctl restart apache2
Done. Your .htacess should work.
This link may actually help somebody https://www.digitalocean.com/community/tutorials/how-to-rewrite-urls-with-mod_rewrite-for-apache-on-ubuntu-16-04
I cleared this use. By using this site click Here , follow the steps, the same steps follows upto the ubuntu version 18.04
Go to /etc/apache2/apache2.conf
You have to edit that file (you should have root permission). Change directory text as bellow:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Now you have to restart apache.
service apache2 restart
In WampServer Open WampServer Tray icon ----> Apache ---> Apache Modules --->rewrite_module
For completeness, if "AllowOverride All" doesn't fix your problem, you could debug this problem using:
Run apachectl -S and see if you have more than one namevhost. It might be that httpd is looking for .htaccess of another DocumentRoot.
Use strace -f apachectl -X and look for where it's loading (or not loading) .htaccess from.
i have a lot of sites on my virtual machine,
and i solved it only by changing config of the site in which i needed .htaccess
what i did:
sudo a2enmod rewrite
next i changed only config for particular site, not for every site "example.com"
sudo nano /etc/apache2/sites-enable/example.com.conf
inside of it i added
<Directory /var/www/example.com>
AllowOverride All
</Directory>
service apache2 restart
so it only applies for 1 site, because when i tried to apply changes to entire server it crashed, don't know why, but this solved my problem

Fixing 403 Forbidden on alias directory with Apache

I am trying to setup an alias to point to some directory on my filesystem not in DocumentRoot. Now I get a 403 Forbidden response. These are the steps taken:
1. edit http.conf, adding:
Alias /example "/Users/user/Documents/example"
then...
<Directory "/Users/user/Documents/example">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all</Directory>
2. setting permissions with chmod in terminal:
chmod 755 /Users/user/Documents/example
Now it should work? instead I get the access forbidden. This is the output from error_log:
[Sun Jul 24 06:57:57 2011] [error] [client xx.xx.xx.xx] (13)Permission denied: access to /example denied
I was having this issue on OS X too. It turned out gliptak was right, but I've some more detail to add.
We're both attempting to configure a virtual directory for a folder under a user's home folder; I think this is why we're having the problem. In my case, I had the following setup:
Home folder is /Users/calrion.
Virtual directory folder is /Users/calrion/Path/to/www.
There's a symlink /Users/calrion/Path pointing to /Volumes/Other/Users/calrion/Path.
The problem was the user and group _www (which Apache runs as on OS X) lacked execute access to /Users/calrion and /Volumes/Other/Users/calrion.
Running chmod o+x /Users/calrion and chmod o+x /Volumes/Other/Users/calrion resolved the issue (on OS X 10.7.4).
The rule here is that Apache requires execute access to all folders in the path in order to serve files. Without this, you'll get a HTTP 403 (forbidden).
The last straw ;) Required local in the Directory Entry...
like
<Directory "/Users/user/Documents/example">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require local
Order allow,deny
Allow from all
</Directory>
if everything else doesn't work (correct Alias, Directory Entry in httpd.conf and correct mod/usr/grp).
keep in mind: if you put your site in user-space the apache user (running httpd) needs access to your home!
Check permission on /Users/user/Documents/, /Users/user/ (higher level permissions are enforced first ...)
/bin/su into the user running Apache (like www, www-data) and cat a file in the /Users/user/Documents/example directory. That might point you to permission problems with your setup.
These are all very good answers.
None of them worked for me.
I have an alias specified in OSX server pointing to a user directory. I spent a long while chmodding and messing with _www user, adding executable permissions recursively, uninstalling macports and all sorts of stuff trying to get this to work. I tried 777. Nope. No idea why it wasn't working.
Eventually, I just checked the "shared folder" checkbox in the Finder for that folder, and it worked, on the specified domain, with php active, the way I wanted it to. :/ ...so that was easy.
I was just having this exact same issue. What I found was SE_Linux was enabled, and the security context of the files in my Aliased directory was incorrect, missing httpd_sys_content_t.
You can view the security context with ls -Z. If your files/folders don't have httpd_sys_content_t then apache won't server them up! You can add the proper context with something like chcon -R --type=httpd_sys_content_t /new_html_directory. This will change the context of the files currently in the directory, but not any files that are added afterwards (for that you'll need to work with semanage). Your other option is to just leave the files under /var/www.
Here's what fixed it for me:
in /etc/apache2/httpd.conf
<Directory />
Options FollowSymLinks
AllowOverride None
# REMOVE THESE LINES
#Order deny,allow
#Deny from all
# ADD THIS LINE
Require all denied
</Directory>
This change implements changes made in the apache update from 2.2 to 2.4. The OSX Yosemite update brought the apache update with it (PSA: if you're planning on upgrading to Yosemite, budget yourself a week to fix everything it breaks).
The weird thing is that I already got apache 2.4 working, and suddenly it breaks again....
PSA: if you're planning on upgrading to Yosemite, budget yourself a week to fix everything it breaks
After lots of time waste i fixed the issue and i wanted to share to save your time.
All the gentelmen above and on other posts has some correct parts in their answers but below is the sum
In your "/etc/apache2/httpd.conf" file:
1- change your document root
Original: DocumentRoot "/Library/WebServer/Documents"
Change to: DocumentRoot "/Users/yourname/www"
2- change
Original:
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
Change to:
<Directory /Users/yourname/www>
Options FollowSymLinks Includes ExecCGI
AllowOverride None
Order deny,allow
Deny from all
</Directory>
3- Change:
Original:
<Directory "/Library/WebServer/Documents">
Change to:
<Directory "/Users/yourname/www">
4- Finally, you might not need this step if you are the supper user, this is to set the right permition on your new root folder
chmod 755 /Users/yourname/www
Hope this will help
It certainly does look right, do a sanity check.
you restarted apache
check group and user ownership
I think the quotes can be removed
there is something in /Users/user/Documents/example ?
try 777
-sean
SELinux was the culprit for me. If you're having this issue on a linux box and your alias and file permissions are correct than try doing a "setenforce 0" to put SELinux into permissive mode. That did the trick for me.
I had to revert my apache config file and then set up the server again. found this useful:
https://apple.stackexchange.com/questions/41143/how-to-revert-default-mac-apache-install-to-original
Quick Solution:
Use these commands as root on Linux:
find /var/www -type d -exec chmod 755 {} \;
find /var/www -type f -exec chmod 644 {} \;