I created a file .htaccess in the /var/www directory. The rights are "root root --wxrwxrwxr".
The content of the file is:
Options +FollowSymlinks
RewriteEngine on
RewriteLogLevel 3
RewriteLog "/var/log/apache2/rewrite.log"
RewriteRule ^(.*?)$ testphp.php
When I call the page phpinfo.php, I've got: Loaded Modules ... mod_rewrite ...
Therefore, the modules is loaded.
After each modification, I restared the server manually with sudo /etc/init.d/apache2 restart.
The error.log gives
Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.2 with Suhosin-Patch configured -- resuming normal operations
When I call a page anyone.htm or anyone.php, the rewrite.log does contain nothing and the real page is called. If I understand, the page anyone.php should be replaced by testphp.php
Did I make siomething wrong?
Thanks
If i were a web server, i'd ignore any config file that was world writable, for stability and security's sakes. I know there's places in Apache that do exactly that; i forget whether .htaccess processing is one of those places, but i'd assume/hope it is.
Thanks for your help
Here is what I made to get the Apache2 server running with the Rewrite Rule:
I re-installed the server from a new hard disk
I activated the Rewrite with 'sudo a2enmod rewrite'
I created the file '.htaccess' with the rules:
RewriteEngine On
RewriteRules ^(.*)$ test.php
In the "/etc/apache2/sites-available/default", I added in the directory/
AllowOverride all
Order deny,allow
Allow from all
and in the directory "/var/www", the same 2 lines. I don't know why, but the rules RewriteLog n does not word in the .htaccess. In the "/var/www", I created 2 files, index.html (the default) and test.php. The test.php contains
<?php phpinfo(); ?>
When I call the page index.html, the php info is displayed
One more time, thanks.
Related
Have upgraded PHP 7.4 to to PHP 8.2.1 on mac osx, and for some reason, can not locate what is causing an issue with the .htaccess file having this code in it:
Options -Indexes -Multiviews
If I remove this code the site loads, but than shows all folders and files which is not desirable. Need site to load the index.php file that is being shown here, trying to hide this, but once this is in the .htaccess file, I'm getting the following error message:
Forbidden
You don't have permission to access this resource.
Is there something in PHP that needs to be set? I did change the php_module to point to PHP 8 in the httpd.conf file, so I don't understand what else might need to change to get my localhost loaded properly instead of showing files and folders?
BTW, this was working fine on PHP 7.4, but after updating, no longer works. Maybe I have to install other modules for 8.2.1 to work correctly?
If I switch back to using PHP 7.4 everything is loading fine on the site after restarting apache.
Need site to load the index.php file
You need to set the DirectoryIndex (mod_dir) - this defaults to index.html only (an Apache issue, not PHP). It is the DirectoryIndex that determines which file(s) Apache will try to serve when requesting a directory.
For example:
Options -Indexes -Multiviews
DirectoryIndex index.php
If a DirectoryIndex document (there can be more than 1) is not found... and mod_autoindex is disabled (ie. -Indexes) then you get a 403 Forbidden response. If mod_autoindex is enabled then you naturally see a directory listing. (If mod_autoindex is not installed at all then you get a 404 Not Found.)
mod_autoindex (ie. Indexes) is not enabled by default on Apache 2.4 (it is on Apache 2.2), however, it has likely been explicitly enabled elsewhere in the server config.
I have a severe problem, my cPanel URLs public, I don't want anyone to know the cPanel configuration URLs because if any user can access it with yourdomain.com/cpanel.
As I have shared hosting, I don't have access to the httpd/root or the server configuration files. I want to know whether I can add some code to the .htaccess file and stop this redirection.
I previously had shared hosting, and I discovered that this is not possible in shared hosting, you need to have root access.
I bought a vps hosting and removed it by doing the following:
Copying the Apache 2.4 template for EasyApache 4 to allow for customization using command line/terminal:
cp -a /var/cpanel/templates/apache2_4/ea4_main.default /var/cpanel/templates/apache2_4/ea4_main.local
By editing /var/cpanel/templates/apache2_4/ea4_main.local to change the entries to match your preferences:
vim /var/cpanel/templates/apache2_4/ea4_main.local
For instance, if you wanted to disable the /cpanel alias, you'd remove this line when editing the file:
ScriptAliasMatch ^/?cpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi
And then rebuilding the httpd.conf file by using:
/scripts/rebuildhttpdconf
And the last step is to restart by using:
service httpd restart
And your cPanel conf paths will be removed.
If you want to deny access to http://www.example.com/cpanel, do this:
In httpd.conf make sure you load mod_rewrite: LoadModule rewrite_module modules/mod_rewrite.so. Since you are on a shared hosting, you may not have access to that, but then it is most probably already loaded.
In your .htaccess, add:
RewriteEngine On
RewriteCond %{QUERY_STRING} "^/cpanel$"
RewriteRule ".*" "-" [F,L]
Tag [F] causes the server to return a 403 Forbidden status code to the client (ref: https://httpd.apache.org/docs/2.4/rewrite/flags.html#flag_f)
To ensure the .htaccess directives are taken into account, make sure you add this to the options of the directory where it resides:
AllowOverwride All
Refer to this SO question: How to Set AllowOverride all
in Apache 2.4.6 (the up-to-date version from CentOS 7 repository) I am trying to pass all the PHP files for processing to a specially compiled PHP-FPM in case that "php7.enable" file is present in the root of the website.
If I try this:
<If "-f %{DOCUMENT_ROOT} . '/php7.enable'">
RewriteEngine On
RewriteRule "^/(.*\.php(/.*)?)$" "fcgi://127.0.0.1:9000/%{DOCUMENT_ROOT}/$1" [P]
</If>
the condition works, but the %{DOCUMENT_ROOT} on the RewriteRule line is not expanded to the variable value, but is everytime empty. Strange is, that outside the "If" block, the expansion works.
Does anybody have any idea why and how to make it work ?
Thanks.
I've found a workaround which is the solution of my problem:
<FilesMatch "\.php$">
Require all granted
<If "-f '%{DOCUMENT_ROOT}/php7.enable'">
SetHandler proxy:fcgi://127.0.0.1:9001
</If>
</FilesMatch>
so I don't need the DOCUMENT_ROOT value at all and it works perfectly.
If I put "php7.enable" file to the DOCUMENT_ROOT of the website, all PHP files are being interpreted by PHP-FPM (running PHP7). If there's no such file found in the DOCUMENT_ROOT, the Apache handler is used to let the PHP interpret by (OS built-in) PHP5.
Thanks for all the ideas, it helped me to find a way to the root cause of the problem (with VirtualDocumentRoot in the config file the DOCUMENT_ROOT is probably not filled-in correctly).
It can be also seen in this question - Mass virtual hosting with Apache 2.4
I had mod_rewrite set on my server to rewrite a url like the following
http://www.example.com/1
to
http://www.example.com/index.php?show=1
In order words a URL shortern. Everything was working fine when the system was running under a sub-domain on my development site, but now it just generates a Not Found error, although if I manually enter the url /index.php?show=1 it works fine.
So the only changes is the urls switching from
http://www.site.example.com
to
http://www.site.com
however it's still running on the same server and the same sub-folder inside public_html on the server just the new domain name has been pointed to that folder.
The folder it's stored in is /public_html/paste
The full .htaccess file running in the directory is
# Set Default File
DirectoryIndex index.php
# Turn ReWrite Engine On
RewriteEngine on
# Create Rule To Write URLs To Shorter Versions
RewriteRule /([a-z0-9]+) /index.php?show=$1
I can't enable RewriteLog as the hosting doesn't allow it for some reason.
It sounds like the AllowOverride directive is not properly set for that folder. In your Apache configuration, you should make sure that the Directory or Vhost you're using for the primary domain has the AllowOverride set to All
http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride
You probably need to specify the RewriteBase directive.
http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritebase
I'll also note that Options +FollowSymlinks would be good to have in there too in case you ever turn it off further up the config chain (rewrite wont work without it).
My website has a file: www.mydomain.com/contact.php
If I request any of the following (which do not exist), apache serves the contact.php page.
www.mydomain.com/contact
www.mydomain.com/contact/
www.mydomain.com/contact/anything/else/here
How can I determine what part of the apache config to change to disallow this?
The apache server is running on a CentOS 5 box if that makes any difference.
This is called MultiViews.
A .htaccess file or modifying your httpd.conf with Options -MultiViews should do the trick.