I have been trying to use the 'auto-prepend-file' value to set a PHP script to be ran before every page from that directory. Currently, I'm destroying and creating a session, then setting a session variable.
But if I try to access session variables from a page, there is no value in them.
Can this value be prevented from being set in a .htaccess file?
Will the prepended script be ran when called for non-php pages aswell?
Can this value be prevented from being set in a .htaccess file?
It is possible to disable session cookies with a .htaccess file, but I doubt that's the real problem in your case. Are you sure the file is actually getting prepended at all? Try a more direct test, like adding die('The prepended file was executed.') to the file.
Will the prepended script be ran when called for non-php pages aswell?
The auto_prepend_file directive only applies to files parsed by PHP. In most server configurations that will only include .php files. However, you can use the AddHandler directive to make Apache execute PHP in other file types as well.
For example, if you use AddHandler to add .html as another file type that can contain PHP code, auto_prepend_file will also apply to .html files.
What ended up solving it for me was setting the "AllowOverride" directive on my Apache configuration file. In order to allow .htaccess privileges on given folder, you should have something like...
# Allow .htaccess settings
<Directory "/absolute/path/to/htaccessfolder">
AllowOverride Options
</Directory>
...on httpd.conf, which allows overriding option settings from the selected directory.
Related
I want to prevent directory file listing in all of my folders, so when a user types http://example.com/thisDoesNotExists/, the directory file listing do not show up.
According to a tutorial all I have to do is set IndexIgnore *
I try to set it in the httpd.conf, so I do
<IfModule mod_autoindex>
IndexIgnore *
</IfModule>
at the bottom of the httpd.conf.
It does not work. I get my 404errorPage.html without any styles.
How can I fix this? Thanks.
Disclaimer : I try to set this in httpd.conf and not htaccess because "You should avoid using .htaccess files completely if you have access to httpd main server config file. Using .htaccess files slows down your Apache http server. Any directive that you can include in a .htaccess file is better set in a Directory block, as it will have the same effect with better performance." According to this.
Your <IfModule> argument is wrong so the enclosing directive is never evaluated. The argument either needs to be the modules name (you can see
this in the corresponding LoadModule) or the main source filename.
Both "autoindex_module" and "mod_autoindex.c" work.
Here is another way to do it:
You should edit /etc/httpd/conf/httpd.conf, find the code block with
<Directory "/var/www/html">
Options Index FollowSymLinks
</Directory>
You should remove the Index in there then restart your httpd service by
sudo service httpd restart
Given the directory www/html/file.php would it be it be appropriate to place my .htaccess alongside with file.php?
That way making rules for file.php (demo example below)
~Rule~ file.php ...
file.php would be located.
No. It depends on the setting of AllowOverride for specific directories - however, in most configurations AllowOverride is enabled for the document root.
See http://httpd.apache.org/docs/current/de/howto/htaccess.html#page-header
According to that documentation, you should put any rules into the global configuration file instead of .htaccess files if possible. if you can't access the global configuration file, you should put the .htaccess file into the folder it applies to.
Is it possible to have just a single php.ini file, for example in the webroot (or even outside of it to prevent people accessing it via GET), and tell PHP quickly and easily where it is?
I know you can set php.ini directives in .htaccess, but is it possible to define a specific php.ini file to be used?
Add this to your server configuration...
<VirtualHost 1.2.3.4:80>
PHPINIDir /path/to/new/php_ini
</VirtualHost>
Make sure to just include the path to the directory, not the entire path to the file.
Then restart Apache.
Check it worked with phpinfo().
Have a look at .user.ini section at the php docs.
Since PHP 5.3.0, PHP includes support for .htaccess-style INI files on
a per-directory basis.
But beside the .unser.ini solution you can place an additional ini file in the "additional .ini files parsed" directory. There you can use one single ini file to overwrite all other settings. Name it with zzz at the beginning and it will be parsed at last. This is also easy for your hoster to deploy without destroying his settings.
Kolink, I suspect that you are on a shared hosting service, in which case your host may be using something called suPHP. In this case -- as you describe -- the PHPINIDir directive doesn't work, in which case there is a suPHP_ConfigPath directive.
In terms of access, I have a standard mod_rewrite in my DOCROOT/.htaccess:
RewriteEngine On
RewriteBase /
# if a forbidden directory or file name (starting with a . or /) then raise 404 Fatal
RewriteRule (^|/)[_.] - [F]
What this does is forbid any request for any filename or directory prefixed by . or _. I have a DOCROOT/_private where I keep this stuff for me:
suPHP_ConfigPath DOCROOT/_private
where you will need to replace DOCROOT by your local setting on your service. Look for DOCUMENT_ROOT in a phpinfo() listing.
How can I get Apache to display the contents of my folder and provide links to them? Similar to http://www.kernel.org/pub/linux/?
I don't have access to the Apache configuration, so I'm looking for something in the way of .htaccess or something I can do in just my home folder.
You have to use the option Indexes in the Apache configuration.
For instance, in the .htaccess file for your directory (if you can use those, and have sufficient privileges), you could put :
Options +Indexes
This functionality is provided by mod_autoindex, which has lots of options to allow fine-tuning of the generated output, btw
To get this working, that module must be loaded, and to be able to activate the option in an .htaccess file, you will need the admin of the server to give you some privileges (with the AllowOverride directive in the Apache's main config file, if I remember correctly -- well, your admin should know that better than me anyway ^^ )
I have pushed my .htaccess files to the production severs, but they don't work. Would a restart be the next step, or should I check something else.
A restart is not required for changes to .htaccess. Something else is wrong.
Make sure your .htaccess includes the statement
RewriteEngine on
which is required even if it's also present in httpd.conf. Also check that .htaccess is readable by the httpd process.
Check the error_log - it will tell you of any errors in .htaccess if it's being used.
Putting an intentional syntax error in .htaccess is a good check to make sure the file is being used -- you should get a 500 error on any page in the same directory.
Lastly, you can enable a rewrite log using commands like the following in your httpd.conf:
RewriteLog "logs/rewritelog"
RewriteLogLevel 7
The log file thus generated will give you the gory detail of which rewrite rules matched and how they were handled.
No:
Apache allows for decentralized management of configuration via special files placed inside the web tree. The special files are usually called .htaccess, but any name can be specified in the AccessFileName directive... Since .htaccess files are read on every request, changes made in these files take immediate effect...
From the apache documentation:
Most commonly, the problem is that AllowOverride is not set such that your configuration directives are being honored. Make sure that you don't have a AllowOverride None in effect for the file scope in question. A good test for this is to put garbage in your .htaccess file and reload. If a server error is not generated, then you almost certainly have AllowOverride None in effect.
Only if you have not added the mod_rewrite module to Apache.
You only need to restart Apache if you change any Apache ".conf" files.
I have the same issue and it seems PiedPiper post about AllowOverride were most helpful. Check your httpd.conf file for "AllowOverride" and make sure it is set to All.
In case of .htaccess restart is not required if it is not working probable reasons include.
AllowOverride May not be set which user can set inside httpd.conf or might have to contact server admin.
Check the file name of .htaccess it should be .htaccess not htaccess.txt see here for guide how to create one.
Try to use Options -Indexes or deny all kind of simple directive to see if it is working or not.
clear browser cache everytime if having rule for redirects or similar if previous redirect is cached it appears as if things are not working.
What's in your .htaccess? RewriteRules? Check that mod_rewrite is installed and enabled.
Other stuff? Try setting AllowOverride to 'all' on that directory.