How can I get Apache to display the contents of my folder and provide links to them? Similar to http://www.kernel.org/pub/linux/?
I don't have access to the Apache configuration, so I'm looking for something in the way of .htaccess or something I can do in just my home folder.
You have to use the option Indexes in the Apache configuration.
For instance, in the .htaccess file for your directory (if you can use those, and have sufficient privileges), you could put :
Options +Indexes
This functionality is provided by mod_autoindex, which has lots of options to allow fine-tuning of the generated output, btw
To get this working, that module must be loaded, and to be able to activate the option in an .htaccess file, you will need the admin of the server to give you some privileges (with the AllowOverride directive in the Apache's main config file, if I remember correctly -- well, your admin should know that better than me anyway ^^ )
Related
I have a website url that looks something like this: www.test.com/folder1/test.html
If I change the url to www.test.com/folder1 I can see all the files and folders parallel to folder1. I don't want people to be able to do this and see these folders and files. How can I block access to this?
Please change the document root. The file is located at /etc/apache2/sites-available/000-default.conf if you use Ubuntu.
You need to turn off the Indexes option. You can do it in a .htaccess file for a directory, in the configuration file for the site in a <Directory> section, or the global configuration httpd.conf.
Options -Indexes
This will prevent the server from generating an navigable index of files.
Full documentation is here:
https://httpd.apache.org/docs/2.4/mod/core.html#options
So I have tried to follow some of the posts here to deny access to a public folder using .htaccess.
The problem is that I still can access the folder.
I have put the .htaccess inside my folder, with the commands?
Order allow,deny
Deny from all
I am missing something, but don`t know what.
BTW, I have restarted apache after that.
The site:
www.mysite.com
Folder I want to block
www.mysite.com/helloworld/
That configuration does exactly what you say it should do when I test it.
Presumably your server is configured not to respect .htaccess files.
You can change that by setting:
AllowOverride AuthConfig
… in your main configuration file.
See also the documentation for AllowOverride.
That said, if you don't want the content of a directory to be accessible to anyone over HTTP, then you are better off keeping that directory outside the web root in the first place.
Well, I have a website in apache directory: /var/www/html. Previously I had all my web images in /var/www/html/media, so I used to put /media/imgX.jpgfor loading them. but now I need to put them in /mnt/imgs.
For some reason, using this path does not work the same way as before.
I think it has something to do with permissions using files from outside apache directory but I am not sure about it. Any idea?
The easiest way to add directories to Apache httpd is to use the "alias" module:
Alias /images "/mnt/imgs"
<Directory "/mnt/imgs>
Options Indexes
AllowOverride All
Require all granted
</Directory>
Once you have set up this, test it with: "yourdomain.com/images".
Of course:
The directory "/mnt/imgs" need the appropriate rights, so Apache Httpd can access it. Therefore you need to find out the group it runs with.
These files will be available to the public, if you dont secure them.
Once this is functional, remove the "indexes" line from the snippet above.
I'm using Joomla 2.5 and Apache and I have followed this steps:
1- mod_rewrite module is eneabled? YES
2- htaccess.txt renamed to .htaccess
3- set "Use URL Rewriting" to YES.
And this is what I get:
Not Found
The requested URL /about-us was not found on this server.
The web is located in /var/www/
The .htaccess is located in /var/www/
And this is my .htaccess: http://pastebin.com/dq1TYs1t
Thanks for the help.
Since you said allowoverride was set to none, your .htaccess file will be ignored. You need to set allowoverride to all the other option is leave allowoverride at none, and take the contents of the .htaccess file and incorporate it into your apache configuration file. This has the benefit of being slightly faster as apache doesn't need to look in directory tree for .htaccess files (they are really good to allow users that don't have access to the configs the ability to override the base settings, but if you have access to /var/www you should also have access to make changes to the config files.
There is no need to enable any mod_rewrite module.
Need to enable URL rewriting option in global configuration. Also need to rename htaccess.txt file to .htaccess.
please check there is no any third party component of security like admin tools are enable or installed which is blocking this mod rewrite option.
I have pushed my .htaccess files to the production severs, but they don't work. Would a restart be the next step, or should I check something else.
A restart is not required for changes to .htaccess. Something else is wrong.
Make sure your .htaccess includes the statement
RewriteEngine on
which is required even if it's also present in httpd.conf. Also check that .htaccess is readable by the httpd process.
Check the error_log - it will tell you of any errors in .htaccess if it's being used.
Putting an intentional syntax error in .htaccess is a good check to make sure the file is being used -- you should get a 500 error on any page in the same directory.
Lastly, you can enable a rewrite log using commands like the following in your httpd.conf:
RewriteLog "logs/rewritelog"
RewriteLogLevel 7
The log file thus generated will give you the gory detail of which rewrite rules matched and how they were handled.
No:
Apache allows for decentralized management of configuration via special files placed inside the web tree. The special files are usually called .htaccess, but any name can be specified in the AccessFileName directive... Since .htaccess files are read on every request, changes made in these files take immediate effect...
From the apache documentation:
Most commonly, the problem is that AllowOverride is not set such that your configuration directives are being honored. Make sure that you don't have a AllowOverride None in effect for the file scope in question. A good test for this is to put garbage in your .htaccess file and reload. If a server error is not generated, then you almost certainly have AllowOverride None in effect.
Only if you have not added the mod_rewrite module to Apache.
You only need to restart Apache if you change any Apache ".conf" files.
I have the same issue and it seems PiedPiper post about AllowOverride were most helpful. Check your httpd.conf file for "AllowOverride" and make sure it is set to All.
In case of .htaccess restart is not required if it is not working probable reasons include.
AllowOverride May not be set which user can set inside httpd.conf or might have to contact server admin.
Check the file name of .htaccess it should be .htaccess not htaccess.txt see here for guide how to create one.
Try to use Options -Indexes or deny all kind of simple directive to see if it is working or not.
clear browser cache everytime if having rule for redirects or similar if previous redirect is cached it appears as if things are not working.
What's in your .htaccess? RewriteRules? Check that mod_rewrite is installed and enabled.
Other stuff? Try setting AllowOverride to 'all' on that directory.