I am using Apache server. Usually when I want to start a new website project, I created a new folder inside my server directory and inside that folder I would have 'index.html or index.php'. When I direct my localhost URL to that folder, it would open it and automatically display index.php.
Now I am trying something new with this CakePHP framework. I finished setting it up, and when I direct my localhost URL to folder 'cakephp-cakephp' (folder containing all the cakePHP files), it then shows me this message:
Release Notes for CakePHP 2.0.0-dev.
Your tmp directory is writable.
The FileEngine is being used for caching. To change the config edit APP/config/core.php
Your database configuration file is present.
I think the next step here is to start the development by saving all my files to "app" folder. But the message is not gone even when I deleted the default index.php files from inside the folder 'cakephp-cakephp'. It seems anyway, the index.php files do not actually generate the message.
Does anybody know what file generates that release notes message? I want to delete that file so that I wont get the message (which I believe is triggered by some default file like 'index.php') when I access folder 'cakephp-cakephp', and then it will show me the file directory inside that folder instead, and I can traverse file directory easily using my browser and access my app folder, in which I am planning to store my index.php file, and save all my development files..
You cannot delete the index.php files and you usually don't modify those files unless you need to do some special configuration. Adding the file app/views/pages/home.ctp gets rid of that message and becomes your default home page.
Also, as stated in the comments, you should really read the manual and try the tutorial.
http://book.cakephp.org
Related
I took over a website which I'm supposed to admin and somebody brought to my attention that certain Indexes and Files are available, which shouldn't be. I will be using dummy names.
You were able to access example.com/intern before, but I changed a line in /etc/apache2/apache2.conf according to this https://stackoverflow.com/a/31445273 . This worked partly, as I get a 403-Forbidden when I now navigate to example.com/intern and that's basically what I want.
However the directory intern governs a file called file.php.bak aswell as file.php. When I navigate to example.com/intern/file.php I get a white website. I am however not sure, if you are able to access file.php in another way, because the site does load and I don't get a 403 like before. What is way worse and the reason I am struggling with this is: If I go to example.com/intern/file.php.bak then my Browser (Firefox) offers me to download file.php.bak, which I can read in plaintext. I want all files in intern to not be accessible via the website, but I have no idea how to do this. Can anybody help?
Things I've tried:
Removing the Indexes from the apache2.conf file like mentioned above. It only puts the 403 on the directory itself and not recursively for all the files in it.
Writing a .htaccess file as described here: https://fedingo.com/how-to-prevent-direct-file-download-in-apache-server/ and putting it in intern with the same result as in 1)
Putting an empty index.html file in the intern directory. This leads to no more 403 in example.com/intern, but the download on example.com/intern/file.php.bak is still possible. I've also tried index.php with the same result.
File System:
The application runs from /var/www/application which is also the folder for the /var/www/application/index.php I want to use. The /var/www/application/intern directory is also there. While it isn't browsable anymore, the files in it still are accessible. /var/www/application/intern/file.php can be navigated to via example.com/intern/file.php, but it seems like it can't be downloaded or read as it results in a white page. /var/www/application/intern/file.php.bak can however be downloaded via example.com/intern/file.php.bak.
Let's say Apache document root is set to DocumentRoot "/folder_one/folder_two"
Placing files in a folder_one will prevent people browsing your apache server and requesting the files directly.
Place index file in folder_two and include some code such as PHP to tell apache to include whatever files you want from folder_one.
In this manor Apache will still be able to serve whatever files you want from folder_one and people will not be able to request the files directly as the are located in a directory above the Apache document root.
I am trying to activate my SSL for my project but one of the the urls doesn't respond.
This is the web site and when you paste the url to the browser, it downloads the .txt file.
http://www.xxx.co.uk/.well-known/pki-validation/83CB00D29E282E1FFD6DFB220F030EF4.txt
This is the Restful .Net Core API domain and when you paste the url to the browser, it returns 404 error.
http://api.xxx.co.uk/.well-known/pki-validation/83CB00D29E282E1FFD6DFB220F030EF4.txt
Under the IIS I have compared the psychical paths, permissions and it seems everything is same. I believe something in Rest API blocks the .txt file download. Should I check the web.config or something I need to add to the C# source code? Should I update ConfigureServices(IServiceCollection services)? In IIS I have checked MIME Types and the .txt is already defined.
Any suggestions?
I believe my problem is pointing to this subject but I am not sure how to enable/define .txt files in startup.cs. Any code snippets?
How to Serve Static File
EDIT: Finally I found a solution. Now the browser can download the .txt files. What I did is, I created a virtual directory in IIS. Here are the steps:
Go to the C: drive
Create a new folder called well-known
Inside the .well-known folder, create another folder named pki-validation
so far, your folders should look like this: C:\.well-known\pki-validation
Upload the TXT file in the pki-validation folder
Open the IIS Manager on your server
Do a right click on your website and select Add Virtual Directory
In the Alias section write .well-known
In the Psychical Path area enter the path to the well known folder. For example: C:\well-known
Press OK to create this alias
The urls are now serving the .txt files. I hope these steps one day saves the other developers time.
I am learning how to use SQL, I set up a localhost, in the course of that journey, I was confronted to the issue of importing sql files into phpMyAdmin, I did the right click on config.inc.php and clicked on the Notepad++ that I previously installed, I typed in there the following code: $cfg['UploadDir']='c:\Files';, of course I created on the hard drive C the Files directory. Now that I came back into phpMyAdmin, clicked on my database, clicked on import, this is what I got as message:
The directory you set for upload work cannot be reached.
Can anyone help me here with this issue?
Your webserver probably doesn't have permission to read 'c:\Files' thus it is not a valid directory. Technically you would say this is out of the web root.
I suggest you set the upload directory to a subdirectory of your web server's root directory (or in the PHPMyAdmin web directory). Then if for your own ease of use you want it to be located at 'c:\Files' you can create a shortcut from the web root upload directory whatever you name it, and place the shortcut in 'c:' and name it 'Files'.
Whenever I create an .htaccess file in a directory it disappears. I am running a VPS at Digital Ocean (I have full control over the server). So I can't see why my .htaccess files are automatically deleted upon creation. I even tried to make the file on my computer and just transfer it to the directory via FTP but as soon as it transfers, it disappears. I checked the log of the FTP transfer and the file transferred successfully. I can't figure this out.
Its because system files are hidden on apache servers... Either select the option to see hidden files if you're using a GUI or type the command "ls -a" if you're on terminal and you should see the files. Any file that starts with a dot is going to be hidden by default. Your .htaccess files fall within the same category.
If you want to be able to view the .htaccess file on the server, make sure you are logged in as the root user, or a user with root level permissions.
Then, navigate yourself to "/home/username/public_html(in my case)" And if you have a .htaccess file uploaded, it should be displayed there.
im working with cms made simple.my problem is my template folder permission.in this cms when a template uploaded,a folder (by the same name of that temlate,for example : 'TEMP1') creates and it's permission is set to 0755.when i want to change permission of the template folder i will get this error :
FileOp Failure on: /home/visamast/public_html/uploads/arty1: Operation not permitted
and also when i want to upload files via ftp or cpanel to this folder nothing will happen,i mean the upload process will be done,but no files has been uploaded!!!!!!!!
how can i fix this problem?!
It sound like you are having an ownership problem rather than a permission problem. If your server is set up to run PHP as a module, files and directories created by PHP will be owned by the generic Apache user. Generally that means that you will not be able to change permissions on the file/directory. Most likely you will need to have your hosting company do a recursive chown on the entire directory tree your site is in to make you the owner of all of the files and directories.