Making FollowSymlinks be changed to SymLinksIfOwnerMatch in pre_virtualhost_global.conf - apache

I've been trying to change /usr/local/apache/conf/includes/pre_virtualhost_global.conf so that all instances of "FollowSymLinks" in .htaccess are required to be changed to "SymLinksIfOwnerMatch".
<Directory "/home">
Options +All +ExecCGI -FollowSymLinks +Includes +IncludesNOEXEC -Indexes -MultiViews +SymLinksIfOwnerMatch
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
</Directory>
However, after using /scripts/rebuildhttpdconf I get the following error:
AH00526: Syntax error on line 2 of /usr/local/apache/conf/includes/pre_virtualhost_global.conf:
You may not use 'Options +All' or 'Options -All'.
Can anyone help me with this? I'm sure that should have worked and have no idea why Options +All cannot be used.
I'm using Apache Version: 2.4.4
Thanks

see http://httpd.apache.org/docs/2.4/mod/core.html#options
"Mixing Options with a + or - with those without is not valid syntax..."
But what is not explicitly specified in this documentation is that the use of 'All' would seem to logically make the rest of the options redundant. The fact that there is a 'None' option seems to me to indicate that the 'None' option logically replaces a '-All'.

Related

Apache HTTP server configuration for CGI directory

Assuming the default options for the directories are defined by
<Directory "/path">
Options Indexes FollowSymLinks Includes
</Directory>
When using the directive
ScriptAlias /cgi-bin/ "/path/cgi-bin/"
... is it required (or advisable or unsecure, etc) to also specify the option ExecCGI? e.g.
<Directory "/path/cgi-bin">
Options ExecCGI
</Directory>
I think it is necessary, because you're allowing the execution of CGI (hence ExecCGI). It's not unsecure, but the default way of enabling CGI script execution in the said directory.

Apache and Perl

I am trying to get OpenDLP to work on my system. For those not familiar with this, just think of it as a Perl website.
I have mostly prepared everything, except that the UI gives errors.
After some digging and debugging, I found out that my Perl scripts are running under directory '/'! And when pages try to read '../etc/db_admin' they won't find it and throw an error.
My vhost config for this ui:
<VirtualHost opendlp.local:443>
ServerAdmin vahid.fazl2000#engineer.com
DocumentRoot "/home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/web/bin"
ServerName opendlp.local:443
ErrorLog "/var/log/httpd/opendlp-error_log"
CustomLog "/var/log/httpd/opendlp-access_log" common
Include conf/extra/httpd-opendlp.conf
<Directory "/home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/web/bin">
AddHandler perl-script .pl .html
PerlResponseHandler ModPerl::Registry
Options +ExecCGI
PerlOptions +ParseHeaders
AllowOverride All
Options All
Require method GET POST OPTIONS
</Directory>
</VirtualHost>
and here is httpd.opendlp.conf
Alias /OpenDLP/images/ /home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/web/bin/images
<Directory "/home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/web/bin/images/">
Options FollowSymLinks
AllowOverride None
order allow,deny
allow from all
#AuthType Basic
#AuthName "OpenDLP"
#AuthUserFile /etc/apache2/.htpasswd.dlp.user
#Require user dlpuser
</Directory>
ScriptAlias /OpenDLP/ "/home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/web/bin/"
ScriptAlias /cgi-bin/ "/home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/web/bin/"
<Directory "/home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/web/bin/results/">
Options FollowSymLinks
AllowOverride None
order allow,deny
allow from all
#AuthType Basic
#AuthName "OpenDLP"
#AuthUserFile /etc/apache2/.htpasswd.dlp.agent
#Require user ddt
</Directory>
<Directory "/home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/web/bin/">
Options FollowSymLinks
AllowOverride None
order allow,deny
allow from all
#AuthType Basic
#AuthName "OpenDLP"
#AuthUserFile /etc/apache2/.htpasswd.dlp.user
#Require user dlpuser
</Directory>
#Also add this stuff to the Apache config file:
# taken from http://hausheer.osola.com/docs/9
SSLEngine on
#SSLVerifyClient require
SSLCertificateFile /home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/server.crt
SSLCertificateKeyFile /home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/server.key
SSLCACertificateFile /home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/server.crt
I haven't tried Perl for web before, and I am not familiar with mod_perl and its options. I have googled for this, but it seems that I don't know where to look (except here, of course :-) )
BTW, I'm on Arch Linux x64 if it matters.
Thanks in advance
EDIT: Here is some more info on errors.
This is the error I get when I visit https://opendlp.local/profiles-manage.html
No such file or directory at /home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/web/bin/profiles-manage.html line 29.
And here is line 29 (and around it) of file:
use CGI qw/:standard/;
use DBI;
use Cwd qw();
my $version = get_version();
my $db_admin_file = "../etc/db_admin";
my( $db_username, $db_password ) = "";
open( DB, $db_admin_file ) or die $!; # LINE 29
my $db_line = <DB>;
close( DB );
chomp $db_line;
($db_username, $db_password) = split( ":", $db_line );
header();
print "<heading>Manage existing scan profiles</heading><normal><br><br>\n";
I have added use Cwd myself (googled, actually) and checked working directory, which is /.
Change DocumentRoot to
/home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/web
instead of
/home/vahid/Downloads/OpenDLP-0.5.1/OpenDLP/web/bin
Then in your script:
my $db_admin_file = "etc/db_admin";
You have "cannot find file" error because your code runs on a virtual host where the directory you set as Document Root is regarded as root directory (/). You cannot "go behind" a root directory,

403 Forbidden Directory access is forbidden - PHP Warning: Missing boundary in multipart/form-data POST data in Unknown on line 0

I'm new to this.
We did a system scan last night. However, during the scanning, the system went down and we are facing a 403 Forbidden error when accessing the web.
Please kindly advise how and where I should check.
Version: Apache/2.4.7 (Ubuntu)
Ubuntu 4.2
The application was working fine all this while and no changes were made on the server.
Your help on this is much appreciated.
thank you!
Here's the config file for further help:
/etc/apache2/apache.conf
<Directory />
Options FollowSymLinks
AllowOverride None
# Require all denied
Require all granted
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
/etc/apache2/sites-available/000-default.conf
<Directory "/var/www/html">
Options All
AllowOverride All
Require all granted
</Directory>
As you already added some conf-files to your question and extended comments should be avoided on SO (and you don't have the required 20 reputation for moving to chat) next suggestions here: add also your .htaccess, and maybe this is of help: Apache2: 'AH01630: client denied by server configuration'
In addition, it might be of help if you open (depending on your browser and development tools) e.g. the Firebug Net Panel to check what happens when you call your site's url - if the 403 occurs directly or if there is any kind of redirect taking place. Could also be of help to trace the address in a shell / command prompt to see what's going on.

Apache config error Require all

After upgrading from apache 2.2 to 2.4 I have a strange apache config error. My vhost config file contains the following directory directive:
<Directory "C:/data/projectx/src/htdocs">
Options None
AllowOverride None
#Order allow,deny # old config style
#Allow from all # old config style
Require all granted # new config style (replaces both rules above)
</Directory>
This conforms with the new directive syntax. However, when I start Apache I get this message, indicating some error on the Require all directive:
AH00526: Syntax error on line 22 of C:/data/projectx/src/admin/local.conf:
Argument for 'Require all' must be 'granted' or 'denied'
Obviously the error is somewhat misleading, as everything is correct. What is wrong with this directive?
Solution: remove the comment after the Require all directive:
<Directory "C:/data/projectx/src/htdocs">
Options None
AllowOverride None
#Order allow,deny # old config style
#Allow from all # old config style
# -->> moved comment into own line: new config style ...
Require all granted
</Directory>

Cannot disable Directory Listing in httpd.conf

I just installed XAMPP on my personal CentOS box and when I try to disable Directory Listing I get an Apache error when restarting. My httpd.conf file looks like this after I make the changes:
httpd.conf
Alias /bitnami/ "/opt/lampp/apache2/htdocs/"
Alias /bitnami "/opt/lampp/apache2/htdocs"
<Directory "/opt/lampp/apache2/htdocs">
Options -Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Error
XAMPP: Starting Apache...fail.
AH00526: Syntax error on line 5 of /opt/lampp/apache2/conf/httpd.conf:
Either all Options must start with + or -, or no Option may.
I have tried removing Indexes altogether and I can still see my directories. Maybe I'm in the wrong file, but from what I've read disabling directory listing has to be done here or in .htaccess (which I am trying to avoid). In case it comes up, I have made sure to restart XAMPP every time I made changes.
The error message is pretty clear. To rephrase / show examples:
# relative to whatever lower precedence section applies
Options -Indexes
If your goal is to turn off indexes. If you want to make sure FollowSymlinks is also set, put a + in front of it:
# relative to whatever lower precedence section applies
Options -Indexes +FollowSymlinks
If you want to turn everything but FollowSymlinks off:
# not relative
Options FollowSymlinks
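The three AH00526 causes that appear on this page (`Options +All`, mixing signed and unsigned options, and a comment after `Require all granted`) can be caught before a restart. The Python check below is an added example, not code from any answer here; `lint` and the sample config are constructed for illustration, and the FollowSymLinks finding is a policy warning rather than an Apache syntax error.

```python
# Constructed sample: directive lines modelled on the configs quoted on this page.
SAMPLE = '''\
<Directory "/home">
Options +All +ExecCGI -FollowSymLinks +Includes -Indexes +SymLinksIfOwnerMatch
AllowOverride All Options=ExecCGI,Includes,Indexes,SymLinksIfOwnerMatch
</Directory>
<Directory "/opt/lampp/apache2/htdocs">
Options -Indexes FollowSymLinks
Require all granted # new config style
</Directory>
'''

def lint(conf_text):
    """Return (line_number, message) findings for the pitfalls discussed above."""
    findings = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # whole-line comments are fine
        directive, _, rest = line.partition(" ")
        args = rest.split()
        # '#' only starts a comment at the beginning of a line; after a
        # directive it is parsed as further arguments.
        if any(a.startswith("#") for a in args):
            findings.append((no, "trailing comment is parsed as arguments"))
        if directive.lower() != "options":
            continue
        signed = [a for a in args if a[0] in "+-"]
        # Either every option carries + or -, or none does.
        if signed and len(signed) != len(args):
            findings.append((no, "mixes signed and unsigned options"))
        if any(a.lower() in ("+all", "-all") for a in args):
            findings.append((no, "'+All'/'-All' is rejected; list options explicitly"))
        # Policy check (not a syntax error): links followed without owner match.
        if any(a.lower() in ("followsymlinks", "+followsymlinks") for a in args):
            findings.append((no, "FollowSymLinks enabled; link owner is not checked"))
    return findings

if __name__ == "__main__":
    for no, msg in lint(SAMPLE):
        print(f"line {no}: {msg}")
```

`httpd -t` remains the authoritative syntax check; the script only adds the symlink policy finding on top of the same three syntax rules.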
Please go to file: /opt/lampp/etc/httpd.conf
and either comment the line like this:
#Options Indexes FollowSymLinks Includes ExecCGI
or edit like this
Options -Indexes
For a Windows machine: do the same editing in the file /apache/conf/httpd.conf
I put a "+" in front of word "FollowSymlinks" to have success.
And replace these lines:
AllowOverride All
Order allow,deny
To:
Require all granted
I hope to help you!
You can also use:
sudo a2dismod autoindex