I'm looking for how to deny an IP access to my server. Not just a particular site. I have several sites on my server. Do I need to put that denial in each and every .htaccess file? Is there some way I can specify an IP denial to everything anywhere on my server?
View 1 Replies
I looked at my cPanel error log and it was full of entries like this:
[client 64.1.215.166] File does not exist: /home/xxxxxx/public_html/lar.com.br/data-recovery.html
This client seems to be accessing my site specifying file names that are valid pages on my site, but with some random garbage (lar.com.br/ in this example) that appears to be part of another web address inserted in front of it, creating an invalid address.
I have blocked this IP address from accessing the site. Has anyone else seen this kind of thing? Is it a broken piece of software, or an attempt to hack into my site or cause denial of service?
This is no way a statement of the quality of service provided by Robert N. Augustine (Skiplink/SouthEastWeb). I turned down his offer of hosting, so I can not make a statement on it. However everything mentioned here can be verified by logs of mine, and logs provided by my upstream. If an administrator would like proof, I will gladly provide it unless law enforcement instructs me not to. In that case, public court records will be availible.
I just don't know where to start. I would never imagine an incident happening like this. ....
I recently installed Apache/2.0.64(win32)on my Windows 7 machine and am having a problem with external access. The installation appears to be good as it shows all services running and I can access a basic index.html file through 127.0.0.1
I have ruled out any router or firewall issues and am fairly sure the problem is with the httpd config. But the only changes I've made are to the NameServer and Listen directives, so I'm lost for an answer to the problem.
The NameServer is set to my actual IP address while the Listen one is set to my servers internal IP address, but I have tried switching them around with no success.
The other thing I don't know is if I need to have SQL and myPHP installed just to check basic functionality.
I have a local network with modem, router, and several computers either Cat5 to router or via wireless. Router is Cisco Linksys E4200. The internal IP for this router would be 192.168.1.1.One of the computers has Ubuntu Server 14.04 (32-bit) and Apache 2 installed, and this is hardwired (Cat5) to the router. This computer also has a STATIC IP address that we will call 192.168.1.100. my Windows 7 Ultimate computer, I can open a browser and type "192.168.1.100" and the Apache 2 Ubuntu Default Page will pop up telling me that "It works!".
I have the Apache server working since I can access from within my LAN.My problem is to get it to show me the same "It Works!" when I try to access from the Internet.I got my 'external IP' address by simply going to whatismyip.com, and I can also see it from within my router settings.
The next thing I did was to setup Port Forwarding inside the router, to point say 50505 to 192.168.1.100. I've tried lots of port numbers.I cannot see my Apache 2 Default page by typing in my browser "98.180.213.110:50505", for example. This assumes 98.180.213.110 is my external IP and 50505 is the port I am forwarding.
I've tried disabling the IP4 firewall within the router, and even the "anonymous" filter request setting.I can find my web-server via browser in-house, but I cannot access from my external IP as if I were at a different location.
I am running wordpress for ecommerce using httpd-2.4.12 on my Ubuntu Server 12.04.5. The problem I have is some unknown clients received the message that reads "You don't have permission to access the product on this server" when they were trying to access to the Product page to make a purchase.
When I tested on all of my devices, I did not have any issue with accessing to the page. I know that the page is a secure page with https.I've looked into the apache logs file and found nothing that's related to 404 or 403 errors there.what I have configured for my httpd.conf.
I am having a peculiar problem, when ever I attempt to access my server globally I get the dreaded 'No Data Received' error.
The machine is running Ubuntu 13.10 and is a dedicated server (I do not have GUI or physical access to the machine). All ports are open, iptables disabled, yet nothing works (running on port 80). I loaded the files onto a different computer at home and it works nicely, but not on the dedicated server.
Also, when the Apache server is off it says it can not connect in my browser, and when the server is on it says 'No Data Received' ...
I have recently switched from Ubuntu to Mint because I would like to enjoy out of the box functionality. I installed Apache, PHP and Mysql. When I go to localhost, the page displays correctly indicating that the server is functioning. In /var/www/html I created devPages. In devPages I created a symlink to a directory in my home directory where I keep all of my html/php files.
When I point my browser to http://localhost/devPages/1/ I get "You don't have permission to access /devPages/1/ on this server". This appears to be a permissions/ownership issue. I don't want to change the permissions for the directory or files in the home directory because they are set to work properly on my production server. Is there a way to get apache to accept files in my home directory?
I have set owner and group for devPages and the symlink to www-data. Set permissions to 755 for devPages.
By the way, under Ubuntu, I have always used a symlink and it always worked without any issues.
As per subject, I have a cpanel server and lately there is something seems wrong with my apache access logs.
/usr/local/apache/logs/access_log
The problem is the log did not recorded website being accessed in details
Quote:
218.111.202.105 - - [24/May/2008:22:53:37 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:22:55:01 +0800] "GET /whm-server-status HTTP/1.0" 200 31811
74.53.197.2 - - [24/May/2008:22:55:17 +0800] "-" 408 -
74.53.197.2 - - [24/May/2008:22:55:23 +0800] "-" 408 -
219.93.152.12 - - [24/May/2008:22:56:34 +0800] "-" 408 -
207.234.129.249 - - [24/May/2008:22:56:42 +0800] "-" 408 -
203.130.242.48 - - [24/May/2008:22:56:56 +0800] "-" 408 -
203.130.242.48 - - [24/May/2008:22:57:01 +0800] "-" 408 -
76.184.65.88 - - [24/May/2008:22:58:07 +0800] "t&rls=org.mozilla:en-USfficial&client=firefox-a" 501 -
127.0.0.1 - - [24/May/2008:23:00:01 +0800] "GET /whm-server-status HTTP/1.0" 200 32935
127.0.0.1 - - [24/May/2008:23:01:36 +0800] "GET / HTTP/1.0" 200 3473
58.186.201.58 - - [24/May/2008:23:02:22 +0800] "-" 408 -
203.130.242.48 - - [24/May/2008:23:04:11 +0800] "-" 408 -
203.130.242.48 - - [24/May/2008:23:04:15 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:23:05:01 +0800] "GET /whm-server-status HTTP/1.0" 200 32548
72.29.95.45 - - [24/May/2008:23:06:13 +0800] "-" 408 -
72.29.95.45 - - [24/May/2008:23:06:13 +0800] "-" 408 -
195.82.99.126 - - [24/May/2008:23:06:43 +0800] "-" 408 -
195.82.99.126 - - [24/May/2008:23:06:49 +0800] "-" 408 -
195.82.99.126 - - [24/May/2008:23:06:54 +0800] "-" 408 -
74.53.197.2 - - [24/May/2008:23:08:16 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:23:10:01 +0800] "GET /whm-server-status HTTP/1.0" 200 31890
127.0.0.1 - - [24/May/2008:23:10:18 +0800] "GET / HTTP/1.0" 200 3473
208.101.51.84 - - [24/May/2008:23:10:46 +0800] "-" 408 -
62.193.196.250 - - [24/May/2008:23:13:18 +0800] "-" 408 -
62.193.196.250 - - [24/May/2008:23:13:24 +0800] "-" 408 -
62.193.196.250 - - [24/May/2008:23:13:29 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:23:15:05 +0800] "GET /whm-server-status HTTP/1.0" 200 33145
127.0.0.1 - - [24/May/2008:23:19:08 +0800] "GET / HTTP/1.0" 200 3473
127.0.0.1 - - [24/May/2008:23:20:02 +0800] "GET /whm-server-status HTTP/1.0" 200 32720
67.15.205.17 - - [24/May/2008:23:22:26 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:23:25:16 +0800] "GET /whm-server-status HTTP/1.0" 200 31203
209.25.195.74 - - [24/May/2008:23:26:21 +0800] "-" 408 -
209.25.195.74 - - [24/May/2008:23:26:24 +0800] "-" 408 -
209.25.195.74 - - [24/May/2008:23:26:27 +0800] "-" 408 -
209.25.195.74 - - [24/May/2008:23:26:29 +0800] "-" 408 -
209.25.195.74 - - [24/May/2008:23:26:33 +0800] "-" 408 -
209.25.195.74 - - [24/May/2008:23:26:36 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:23:28:05 +0800] "GET / HTTP/1.0" 200 3473
My old logs /usr/local/apache_bacup/logs/access_log record them fine
Quote:
80.191.80.84 - - [18/Jul/2007:04:21:13 +0800] "GET /ss-xs/?action-spacelist-uid-356-type-blog-starttime-1181520000-endtime-1$
80.191.80.84 - - [18/Jul/2007:04:21:53 +0800] "GET /forum/archiver/tid-1303.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:22:18 +0800] "GET /forum/archiver/tid-819.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:22:37 +0800] "GET /ss-xs/?17/spacelist-blog.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:22:44 +0800] "GET /ss-xs/?viewthread-1745.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:23:21 +0800] "GET /forum/archiver/tid-2074.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:23:29 +0800] "GET /forum/forumdisplay.php?fid=35 HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:23:58 +0800] "GET /forum/archiver/tid-998.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:24:02 +0800] "GET /forum/archiver/tid-784.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:25:01 +0800] "GET /whm-server-status HTTP/1.0" 200 21150
80.191.80.84 - - [18/Jul/2007:04:25:01 +0800] "GET /forum/archiver/tid-2100-page-1.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:25:10 +0800] "GET /forum/archiver/tid-1211-page-3.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:25:37 +0800] "GET /forum/archiver/tid-834.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:25:40 +0800] "GET / HTTP/1.0" 200 2860
80.191.80.84 - - [18/Jul/2007:04:26:25 +0800] "GET /forum/archiver/tid-623.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:26:41 +0800] "GET /forum/archiver/tid-25.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:27:18 +0800] "GET /ss-xs/?10/viewspace-18 HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:27:44 +0800] "GET /forum/archiver/tid-802-page-2.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:27:48 +0800] "GET /forum/archiver/tid-1802-page-7.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:28:15 +0800] "GET /forum/archiver/tid-1569-page-2.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:28:31 +0800] "GET /forum/archiver/tid-1133.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:30:02 +0800] "GET /whm-server-status HTTP/1.0" 200 21041
80.191.80.84 - - [18/Jul/2007:04:30:19 +0800] "GET /forum/archiver/tid-462-page-1.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:30:34 +0800] "GET /forum/archiver/tid-1900.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:30:42 +0800] "GET /ss-xs?693 HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:30:46 +0800] "GET /forum/archiver/tid-1501-page-2.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:31:48 +0800] "GET /forum/archiver/tid-2055.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:31:58 +0800] "GET /forum/archiver/tid-2050-page-2.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:34:04 +0800] "GET / HTTP/1.0" 200 2860
80.191.80.84 - - [18/Jul/2007:04:34:32 +0800] "GET /forum/archiver/tid-2019.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:34:53 +0800] "GET /forum/archiver/tid-744.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:34:59 +0800] "GET /forum/archiver/tid-2135.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:35:01 +0800] "GET /whm-server-status HTTP/1.0" 200 21102
80.191.80.84 - - [18/Jul/2007:04:35:11 +0800] "GET /ss-xs/archiver/ HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:36:38 +0800] "GET /forum/archiver/tid-781-page-2.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:37:04 +0800] "GET /forum/archiver/tid-1216.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:38:09 +0800] "GET /ss-xs/?viewthread-1879.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:38:29 +0800] "GET /forum/archiver/tid-275.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:40:02 +0800] "GET /whm-server-status HTTP/1.0" 200 21191
how do I make my apache to log the access log in details again?
Can't access apache update in WHM I get an http 500 error page.
View 4 Replies View RelatedI'm trying to set up Apache on CentOS 4. I'm using Apache 2.0 and it can't seem to access anything outside of the /var/www directory - it gives an Error 403.
I thought this would be down to SELinux but this is disabled. I've run the following command on the directory but with no luck:
Code:
chown apache /home/jmaskell -R
I m newbie to apache server. I have created a web site using apache server with theURL... tutorial. I m able to access my web site on my ip address bt unable to access it using other ip of linux system. I m CentOS user. I can ping that ip with my ip. I have edited files as described in the tutorial.
View 1 Replies View RelatedTrying to access my website, which is running on my PC on Apache XAMPP, from another PC by typing:
http://IP:80 and I get a simple page not found error.
Firewall on router and PC are disabled.
Port forwarding is done.
Apache is running on port 80 and port 444
Added to httpd-xampp.conf:
I can't reach my website, I get a "corrupted content" error message in the browser.Looking into apache (version 2.4.7), I get
Code:
~$ apachectl -S
AH00526: Syntax error on line 22 of /etc/apache2/sites-enabled/000-default.conf:
SSLCertificateKeyFile: file '/etc/ssl/private/owncloud.key' does not exist or is empty
Action '-S' failed.
However, I double checked that the file is in the appropriate location and does contain the key, so maybe apache has no permission. afaik, it doesn't run as root all the time - or only for a short time?
permissions for the key file are as follows:
Code:
~$ sudo ls -l /etc/ssl/private/owncloud.key
-rw-r--r-- 1 root ben 1704 Sep 28 04:01 /etc/ssl/private/owncloud.key
, where ben is my normal user.
It was suggested to me on the httpd IRC channel that maybe apparmor was doing something wrong, but I don't know how to investigate that.
I'm getting an error when I try to allow apache access a mount nfs folder...
View 4 Replies View RelatedI have installed Apache 2.4.3, and PHP 5.4.5 64-bit, and I have installed PostgreSQL 9.2 64-bits under my new system windows 7 64 bits. Apache and PHP could work nicely, and PostgreSQL run fine too. However, PHP couldn't access the PostgreSQL. pg_connect(), and followed by echo select version(), didn't give any error. When PostgreSQL module was not loaded (because my php dir was d:php, but inside httpd.conf i type D:/PHP), I got message saying something like "undefined pg_connect()." I fixed it, but select version() or any other echo after pg_connect() didn't give any output.
View 5 Replies View Relatedi signed up for vps from vps.me and i got ssh credential i logged in ssh using token2shell but when i put my server ip "10.223.1.157" in google chorome but then it says unable to find even i am not able to access ftp through filezilla also
View 3 Replies View RelatedI have XAMPP server which works fine. When I wanted to load webpages through my lan network it said I need to edit httpd-xampp.conf. When I try to load from internet there is no connection at all. I changed httpd-xampp.conf from this
Code :
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>
When a user enters the whole url to a file on the webserver he/she can view this file. I want to prevent this and only allow access to the files from within the application (under apache). How can I do that? I already tried:
<Directory /var/www/html/folder/files>
order deny,allow
allow from localhost
</Directory>
This works BUT the file also isn't viewable from within the application anymore.
I made the idiotic move of not making a backup of the default configs and now I can't access my http website externally. ssl works fine, but I need http to work too.
View 3 Replies View RelatedI have a lamp server setup with a couple of vhosts. Investigating the log files for a situation I found that it seems to be missing some entries. The access log contains a long list of files (images and css) requested by the client regarding a request to a page (having a specific url as referer), but the actual request is missing. The url called is an automatically generated url that should only be available as an unsubscribe link in emails send to a specific user, thus the use of it in the logs is limited
At the same time I can find log entries in our database that I am 99.9% sure can only originate from this specific URL being requested (never say never). These log entries are stamped just before all the auxiliary requests having the url as referer, but again the actual request is not to be found.
I have Apache 2.2 installed on my Unix Server and have a couple of Application servers running each of them having similar Document Root.
For example, The URLS will look like below
https://my-test1.com/demo/index.html
https://my-prod1.com/demo/index.html
https://my-qa1.com/demo/index.html
The directory folder looks like
/myapp/my-test1/demo/index.html
/myapp/my-prod1/demo/index.html
/myapp/my-qa1/demo/index.html
I would like to restrict access to the above prod1 URL for a specific set of IP's. How can I achieve this.
I have an ubuntu Server install running the latest Apache. This is all running on a Virtualbox VM.
I have 3 sites configured. 2 of them are set-up with DNS point from the outside world and are working just fine.
When I go to domain1.com and domain2.com the right pages are displayed. The 3rd host is the default host and when I go to the local ip address 192.168.0.x of the server the correct folder is being displayed.
So all being well I wanted to run MediaWiki on that local default host. limiting access to people who are on the local subnet. Seems easy enough I will change the "allow from all" statement for that virtual to allow from 192.68.0.0/255.255.255.0 and add the deny.
But my issue is the the alias
Alias /mediawiki /var/lib/mediawiki
is being added to all 3 sites
so domain1.com/mediawiki domain2.com/mediawiki are also displaying the wiki pages.
This alias was added in the /etc/mediawiki/apache.conf by the mediawiki install. The instructions I had were to then go in and uncomment to make it available.
I have a problem with my new server's setup. It's using a big RAID storage mounted to the main system. When it comes to shell everything is fine, I have access to the disk and files. Problems rise when I try to access the storage content from my php scripts (running on apache) - "Permission Denied" ...
Anyone knows where might be the problem?
I suppose it's because of using RAID but I'm sure it's doable.. somehow..
When I tried to use CLI mode it looks fine - PHP script can access RAID'ed folders when running like :
php /var/www/html/filetest.php
I have apache, php, and mysql setup on CentOS 4.4. I have phpMyAdmin running perfectly in a folder in /var/www/html/phpMyAdmin. I can access phpMyAdmin and use it perfectly. I downloaded Cacti which is a server monitoring application written in php, nothing special. I untar the file and it creates a folder, I simply do a mv command from /home/sys/cacti to /etc/www/html/cacti. Then when I open my browser and attempt to access: [url]I am getting a Access Denied error. It makes no sense though, I have verified the permissions of the files and folders, all good.
The group owner and owner are root, the files are all -rw-r--r-- and the folders are drwxr-xr-x.
I can't access to some alias page by URL....
(getting 403 - Forbidden) but i can by https - [URL] ....
Code:
<VirtualHost 10.7.10.10:80>
ServerName mydomain.com
ServerAlias www.mydomain.com
DocumentRoot "c:/Apache24/htdocs"
Alias /static "d:/static"
[Code] .....
Code:
<VirtualHost 10.7.10.10:443>
DocumentRoot "C:/Apache24/htdocs"
ServerName domain.com
ServerAlias www.domain.com
SSLEngine on
[Code] .....
What could be wrong as the config is exactly the same for both VirtualHosts
I am working with an Apple Lion Server. I want to give users the possibility to gain access to certain share points with the webbrowser via the WebDAV protocol. The OS allows to define sharepoints with the GUI. In this GUI you can adjust, that the users are allowed to access the sharepoints via WebDAV but it is not possible to access the folders via a browser. You just get an error from the webserver after a login:
You don't have permission to access /webdav/ on this server.
So I have looked for the relevant configuration file "httpd_webdavsharing.conf" (apache v2.2)
Code:
#
# Apache Config for WebDAV Sharing
# Activated and deactivated by com.apple.webapp.webdavsharing webapp
#
RegisterResource "WebDAV Sharing: %c %s" /webdav main webdav
RewriteEngine On
RewriteMap webdavmap prg:/usr/libexec/webdavsharing/webdavsharing_mapper
[Code] .....
Is there a way to modify the code in such a way that it allows the favoured access?
We have many intranet document what linked on our intranet site. We use "apache builed in" directory listing to handle documents on browser, and make accessable to users. Because this not so user friendly we try to use a template (h5ai-[URL] ....) for mod_autoindex.
Unfortunatelly if file or folder name contains special characters (like é,á,ű,ő,ú,ü,ö,ó) than get Access Forbidden - Error 403. If change the folder name, than its ok.
I use xampp. how to solve this.
I want to run an HTML webpage that accesses an MP3 resource that's also on my website. However, I only want the webpage to have access to the file and block access from those attempting to access the file directly. That leaves me with two options:
1. Block access through the Apache configuration so that only my Webserver can access the resource, or
2. Hide the URL in the code.
How I can go about doing this?
