When a user enters the whole url to a file on the webserver he/she can view this file. I want to prevent this and only allow access to the files from within the application (under apache). How can I do that? I already tried:
<Directory /var/www/html/folder/files>
order deny,allow
allow from localhost
</Directory>
This works BUT the file also isn't viewable from within the application anymore.
This is the mod_rewrite rule I'm trying to create. I am very new to Apache admin. Here's the issue:
I have 3 vhosts running on my HTTPD Apache 2.2.24 server: Server1, Server2, Server3. Each vhost is connected to a Weblogic application server. We are trying to prevent access to the Example.portal page on each application server.
So the URLs I'm trying to rewrite are:
- Server1.domain.com/PortalWeb/Example.portal
- Server2.domain.com/PortalWeb/Example.portal
- Server3.domain.com/PortalWeb/Example.portal
So, I would like to redirect the above URLs back to the 'root' of the website. ie: server1.domain.com. Here is my rewrite rule:
RewriteRule ^(.*)/Example.portal$ http://$1 [NC]
So, the rule is matching correctly to URLs that contain Example.portal, however the back reference from (.*) does not seem to map to $1.
In web application we are facing high vulnerability issue based on the session validation.
We can download the files from the server whenever we are passing the link even without login. The links are directly hit into the server and download the files any type of files extension such as .txt, .xml, .zip and so on.
Need the solution for this issue: How will we resolve the issue using validate the session in apache side?
Scenario as below:
When user manually passing the request if user logged they should access the files
When user manually passing the request if user is not login they shouldn't access the files
Here both the scenarios they can access the files but we want to restrict when the request is coming to apache without login.
EX: [URL] ....
When i tried above link I can able to view the file in browser. Even able to download all different fies extension which are having in the under tomcat webapps dir.
How we can restrict this in apache code or any other files in apache side or is there any way to validate the request is logged one or not?.
I'm trying to configure an custom access_log file for an custom file called "extra.php"
How I can make an log file that's log only "extra.php" ....
in wordpress is wp-includes folder, i dont want anyone just execute file from this directory so it just serve wordpress not any malicious file be executed from there,
so i added this rule into /wp-includes/.htaccess:
RewriteRule ^(wp-includes)/.*$ ./ [NC,R=301,L]
I have recently switched from Ubuntu to Mint because I would like to enjoy out of the box functionality. I installed Apache, PHP and Mysql. When I go to localhost, the page displays correctly indicating that the server is functioning. In /var/www/html I created devPages. In devPages I created a symlink to a directory in my home directory where I keep all of my html/php files.
When I point my browser to http://localhost/devPages/1/ I get "You don't have permission to access /devPages/1/ on this server". This appears to be a permissions/ownership issue. I don't want to change the permissions for the directory or files in the home directory because they are set to work properly on my production server. Is there a way to get apache to accept files in my home directory?
I have set owner and group for devPages and the symlink to www-data. Set permissions to 755 for devPages.
By the way, under Ubuntu, I have always used a symlink and it always worked without any issues.
It appears that some people like to take advantage of those files for online web applications such as Wordpress which have php files with permissions set to 777. They use those as a means of creating an upload file. The upload files that they create then have access to the whole server somehow... Is there anyway of preventing this from happening?
View 8 Replies View RelatedDoes the use of partitions prevent hackers from getting access to the entire Unix server?
View 2 Replies View RelatedHow Can I prevent users removing file web.config on FileManager?
I try set attribute read-only, but not effect.
here at work theres a little situation with access privs. im in web and my image upload script places files on the server as www user (i understand that). however, if im working on this script and need to either delete these files or archive them then i dont have privs with my account.
how would one go about giving my account access to delete and modify files the www user has uploaded?
I'm trying to prevent unnecessary GET requests from being processed by my CMS that originate from mutating IP address locations. This is sucking up server resources when the request is processed by the app, and so if possible, I'd like to block them with HTACCESS so that the request is stopped before anything is intensively-processed.
What happens is that an IP address will make a GET request for, say, "blah/test" or "blah/test2" but nothing else (no site assets like images or CSS/JavaScript files or even other pages). After this request, another IP address will then make an equivalent kind of request, and so on, and so on... All of them have similar if not identical user agent strings but they're always worthless requests that do nothing but waste CPU and RAM. I'm assuming it's just some idiotic SPAM bot because of this.
i m a part of development team and i can't find way to test site url while defining website on DW when it says whats your site url. what the other guys r entering are my ip and folder name like [url]is this the right way?
View 7 Replies View RelatedI am actually very inexpirience in server management. I have a small - I believe - problem. I need to get config file onto my computer from my root server. I can access it through terminal, but it is not very confortable. The config file is on root server.
the file is located at //etc/xxx.conf
Do I need to use web browser to do it? If so how?
Or is there a way that I log to my root server through ssh and transfer onto my computer?
1. If I recompile my mysql, can that potentially harm any of my database / table / data?
2. Here is a list of files. [url]. I guess, I have the same in my server. Any idea how can I access to these files?
Here is what I got -
root@usr [/]# find myisam
find: myisam: No such file or directory
I have download manager script that I use for my customers to download products right after the purchase.
Script generates download link that looks like this:
http://www.yourwebsite.com/download/...582921B&p=1840 (where 2YY6582921B is receipt number that is different with each purchase).
All products are placed in one folder. This folder can not be seen in above download url, but can be accessed thru browser and files can be downloaded that way without paying for them.
Can I use .htaccess and if yes how, to protect all product files the way that they can not be accessed directly by visiting url thru browser (in case somebody will find the correct url), they should be allowed for access only for my download manager script.
I don't really now how this can be done, but as far as I can remember when I was in shared hosting, they always complaint about memory usage.... but they always know what specific files were cosing the most load on the server.
So, I remember I have this count.php file that was constantly hited and the complaint and tell me exactly what file it was cosing the heavy load.
This is just an example, but looks like they always knew the specific files that were cosing problems, so what the hell, this can be done!
Now that I have my own server I would like to know these things as well, so I can know what files need to be optimized.
I searched and searched and searched and... OK, you'll get the point, and I just HAVE NOT find any information on this.
Can someone tell me this "secret"? What do you use to get the files that are cosing the most heavy load on a Linux server?
transfer a client's site files (over 220 MB) to my server. The client does not use cPanel or have SSH access.
FTP is horribly tedious. I have created the account on my server and have SSH enabled. I have a feeling I can use wget to download the files to the account's home directory, but I am not sure of the correct syntax to recursively download all the directories and the files.
I have some issues access my files through FTP. I created a new FTP user, that match the domain name, so it is easy for me to terminate access if i choose to delete the domain.
I can only access / see files that i uploaded with that specific FTP user. If i install a plugin inside Wordpress, i can not access those files via FTP.
If i login via SSH, with the root user, i can see all files.
I have tried to add the FTP user to the psacln group, but no luck.
In Plesk 11.5 I set log rotation to once a day and to keep 365 files. But I can only find 13 files (only one access_log) in /var/www/vhosts/mydomain/log. But Plesk tells me that 100 GB are used for the logs (the 13 files only have about 3 GB). Where are the files? In previous versions (before 11.5) I always had the files (named .1, .2 etc) in the same log directory.
View 3 Replies View RelatedI signed up for hosting with IX Web Hosting in April of 2007. There have been two occasions that they provided the perfect example of Terrible Customer Service. So much so, my last pony ride with IX Web Hosting was my last. I decided to call it quits and move my account to Host Gator.
I keep my most important sites on a dedicated server at Servint.net. If you are interested in a dedicated server or VPS, I highly recommend Servint. You will not beat the level of service and professionalism this company offers. But thatâs another post in itself.
The point is, I had some SEO tests I wanted to perform and I was looking for a hosting company that would allow me to host 10 different domains in the same account on different ip addresses. IX Web Hosting had the plan I was looking for. So in April of 2007, I signed up for a hosting account.
Overall, I was pretty satisfied with the server performance at IX Hosting. I experienced very little if any downtime from server issues. They donât offer a standard cpanel interface like most web hosts. It appears to be a proprietary / in house control panel.
It was pretty straight forward and with a little time I was up to speed.
Then on June 5, 2008, I got the following email from a System Administrator at IX Web Hosting.
---------------------------
Hello,
My name is Anthony, and I am a system administrator at IXWebhosting. Iâm here to ensure a reliable and fast hosting / e-mail environment. This is the reason why I ask you to get in touch with us.
We have received numerous complaints from third-parties about spam originating from your website. As you may know, spam is an on-going problem for all internet users, hence all companies have very strict rules against spam. I am here to ensure that neither you nor any other customer is facing any downsides which could be the result of these spam regulations.
We ask you to immediately cease and desist any such activities. If you are unaware of this activity, please contact me or any of my colleagues via this ticket, phone or live-chat so that we can find the reason for the spam activity together and fix the issue instead of the symptom. Viruses and things of that nature may be installed on your computer and will cause the spamming. We recommend that you run an anti-virus program. If you currently do not possess an anti-virus program, you may download a free version. Please just follow the link below to find Googleâs best links for free anti-virus software:
google.com/search?q=free+anti-virus+software [url]
In order to ensure your hosting and mail environment is working flawlessly, we ask you to get in touch with us within the next 72 hours. I highly appreciate your time.
Best Regards,
Anthony Washington
System Administrator
IXWebhosting
-----------------------------------
They identified the domain as bestadtracking.com. This is a domain I own but have never promoted. Not only had I not sent spam through IX Web Hosting, I averaged less than 200 sent email a month on all the domains on my account. So on June 6, 2008 I responded to IX Web Hosting with the following two messages.
-----------------------------------
Hi Anthony,
I can assure you I am not sending spam from this domain or any others. Iâm a little surprised that this domain is in question? I set it up over a year ago and havenât ever promoted it. I donât send any type of email over this domain. I have no reason to. It gets no traffic or inquiries.
Are you sure there isnât some type of mistake? Otherwise, there are a couple of php style contact forms on that site. Could a hacker use that sort of thing to send spam? How can we track this down?
Thanks,
Brent Crouch
615-389-XXXX
-----------------------------------
Here is the second email I sent on the same day.
-----------------------------------
Hi Anthony,
I am using AVG on my computer and the scan completed finding no viruses. Besides that, I am using Outlook to manage the mail on several of my domains. I donât even have a send account setup for bestadtracking.com on my computer. As I stated in the previous reply, I have no reason to since this domain is not promoted.
Can you give me the IP address of where the spam originates? Iâd like to compare that to my IP address here at home and office.
Thanks,
Brent Crouch
-----------------------------------
I had no information to track the issue any further. The lack of response from IX Web Hosting left me to believe the issue had been resolved or there had been a mistake. Then 4 days later on June 10, 2008 I got this message.
-----------------------------------
Brent
We tried to reach you today in order to resolve this issue, but unfortunately it has been well over 72 hours since this ticket was placed. We must sadly suspend your services, please do not hesitate to call us at 1-800-385-0450 any time, day or night.
Best Regards
Ian
-----------------------------------
Amazing! They give me no information to solve this problem. On top of that, they donât respond to my ticket in 4 days and because I didnât answer the phone when they called they suspended not only the domain in question but every domain listed in my account.
I called in and spoke to a tech support guy who allowed me to remove the domain in question and in return, he restored my other domains. He also left a message to have the tech support manager call me the following day.
The manager I spoke to apologized for the way the ticket was handled and the lack of information that was given. He said he would follow up with the employees that were responsible for the ticket and make sure it never happened again. He was helpful in looking at the server logs and determining how someone had loaded a spam bot onto my site.
Apology accepted. Stuff happens. I considered it water under the bridge and not a big deal. Not so muchâ¦..
After my first run in with IX Web Hosting, I wrote the whole incident off as a fluke. The manager I spoke to seemed very sincere and assured me that wasnât proper protocol and wouldnât happen again. I was trucking right along until I got this email from them on October 26, 2008.
-----------------------------------
Dear Brent Crouch,
We have received notification of phishing material in your account. Phishing files are usually placed through some type of exploit of out dated code, weak file and folder permissions. Packaged shopping carts and photo galleries are usual sources as hackers find exploits and developers fix them almost daily, so unless you constantly update the software or completely secure it things like this can happen.
You must agree to remove this content and update any software that has resulted in security holes. To protect your account from further action you must agree to our request for compliance. Please respond to this message stating your intent to do so. You may either log into your control panel with us, and access this ticket via the 24/7 help desk, or provide this ticket number to our Live Chat or phone representatives. Failure to respond to this message within 72 hours will result in the suspension of the affected domain with us until such a time as this matter is resolved.
Michael
-----------------------------------
The email gave me no indication of which domain had been hacked. When I wrote to live help and gave them the ticket number, I spent 10 minutes waiting only to be told they didnât know which of my domains had been effected. They recommended I reply to the online support ticket.
Here is the email I sent them in response on October 27, 2008.
-----------------------------------
I replied to live help and they could not find any information. So far you havenât told me which domain is a problem.
Please give me the info I need to correct this problem and Iâll take care of it.
Brent Crouch
615-389-XXXX
-----------------------------------
Eight hours later, I was able to find the problem by viewing all the files on my domains and looking for the files that had been recently changed. It turned out my brentcrouch.com domain had been hacked and setup with all sorts of eBay and bank phising pages. The site operates on a Wordpress platform which is widely used and is a big target for hackers.
[url]
I wrote back to IX Web Hosting for a second time on October 27, 2008.
-----------------------------------
I found the problem on my brentcrouch.com domain. I updated the wordpress software to the latest and cleaned up the problem. The only exception is the brentcrouch.com/forum directory. I am unable to delete this directory as the hacker has removed my access. Please delete the directory.
Thanks,
Brent Crouch
-----------------------------------
The following day, here is the email I got back from IX Web Hosting.
-----------------------------------
Brent:
Thank you for your attention to this matter. Per your request we have removed:
/brentcrouch.com/forum - deleted
We will be closing this ticket at this time. If you have any questions please feel free to contact us. We will be happy to assist.
Please note that this is the second time this problem occurred. Unfortunately, I have to bring to your attention that as per our terms of service a third instance will result in immediate account termination without notice. No backups will be provided. If you have any questions about how to avoid this from happening again our support team will be glad to advise.
Respectfully
Frankie
Support Tech Representative
-----------------------------------
When I seen that response, I was pissed! I run my own server at Servint.net. Iâve hosting accounts at several other hosting companies. Iâve never had a site hacked except from IX Web Hosting.
In 4 months, Iâve had two sites hacked. In both instances, IX Hosting was zero help in locating the source of the problem. In the first incident, they didnât even reply to my ticket for 4 days. In the latest incident, they couldnât even tell me what domain was hacked.
Then they send me an email telling me if it happens again not only will they suspend my account, theyâll deny me access to my files! Huh?
Thatâs not a risk Iâm willing to take. With the high costs of obtaining customerâs in this business, Iâm a little surprised they donât do a better job of trying to retain them. In my opinion, this policy is unacceptable and makes IX Web Hosting one of the worst hosts Iâve ever dealt with.
I just signed up for a hosting account with Host Gator and have already moved all my domains over. So far, so good.
Whatâs your experience with IX Web Hosting?
i have a Dedicated server and i installed firewall and i fixed all cpanel option and i disable shell access for all users and ......
but my users can upload shell hack files (Like:c99 ) then they can access to another website ,,,, they can`t Write ,,, they can Read files only
but there is a problem because the hacker will read the config files so my Database websites will hack soon
As per subject, I have a cpanel server and lately there is something seems wrong with my apache access logs.
/usr/local/apache/logs/access_log
The problem is the log did not recorded website being accessed in details
Quote:
218.111.202.105 - - [24/May/2008:22:53:37 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:22:55:01 +0800] "GET /whm-server-status HTTP/1.0" 200 31811
74.53.197.2 - - [24/May/2008:22:55:17 +0800] "-" 408 -
74.53.197.2 - - [24/May/2008:22:55:23 +0800] "-" 408 -
219.93.152.12 - - [24/May/2008:22:56:34 +0800] "-" 408 -
207.234.129.249 - - [24/May/2008:22:56:42 +0800] "-" 408 -
203.130.242.48 - - [24/May/2008:22:56:56 +0800] "-" 408 -
203.130.242.48 - - [24/May/2008:22:57:01 +0800] "-" 408 -
76.184.65.88 - - [24/May/2008:22:58:07 +0800] "t&rls=org.mozilla:en-USfficial&client=firefox-a" 501 -
127.0.0.1 - - [24/May/2008:23:00:01 +0800] "GET /whm-server-status HTTP/1.0" 200 32935
127.0.0.1 - - [24/May/2008:23:01:36 +0800] "GET / HTTP/1.0" 200 3473
58.186.201.58 - - [24/May/2008:23:02:22 +0800] "-" 408 -
203.130.242.48 - - [24/May/2008:23:04:11 +0800] "-" 408 -
203.130.242.48 - - [24/May/2008:23:04:15 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:23:05:01 +0800] "GET /whm-server-status HTTP/1.0" 200 32548
72.29.95.45 - - [24/May/2008:23:06:13 +0800] "-" 408 -
72.29.95.45 - - [24/May/2008:23:06:13 +0800] "-" 408 -
195.82.99.126 - - [24/May/2008:23:06:43 +0800] "-" 408 -
195.82.99.126 - - [24/May/2008:23:06:49 +0800] "-" 408 -
195.82.99.126 - - [24/May/2008:23:06:54 +0800] "-" 408 -
74.53.197.2 - - [24/May/2008:23:08:16 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:23:10:01 +0800] "GET /whm-server-status HTTP/1.0" 200 31890
127.0.0.1 - - [24/May/2008:23:10:18 +0800] "GET / HTTP/1.0" 200 3473
208.101.51.84 - - [24/May/2008:23:10:46 +0800] "-" 408 -
62.193.196.250 - - [24/May/2008:23:13:18 +0800] "-" 408 -
62.193.196.250 - - [24/May/2008:23:13:24 +0800] "-" 408 -
62.193.196.250 - - [24/May/2008:23:13:29 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:23:15:05 +0800] "GET /whm-server-status HTTP/1.0" 200 33145
127.0.0.1 - - [24/May/2008:23:19:08 +0800] "GET / HTTP/1.0" 200 3473
127.0.0.1 - - [24/May/2008:23:20:02 +0800] "GET /whm-server-status HTTP/1.0" 200 32720
67.15.205.17 - - [24/May/2008:23:22:26 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:23:25:16 +0800] "GET /whm-server-status HTTP/1.0" 200 31203
209.25.195.74 - - [24/May/2008:23:26:21 +0800] "-" 408 -
209.25.195.74 - - [24/May/2008:23:26:24 +0800] "-" 408 -
209.25.195.74 - - [24/May/2008:23:26:27 +0800] "-" 408 -
209.25.195.74 - - [24/May/2008:23:26:29 +0800] "-" 408 -
209.25.195.74 - - [24/May/2008:23:26:33 +0800] "-" 408 -
209.25.195.74 - - [24/May/2008:23:26:36 +0800] "-" 408 -
127.0.0.1 - - [24/May/2008:23:28:05 +0800] "GET / HTTP/1.0" 200 3473
My old logs /usr/local/apache_bacup/logs/access_log record them fine
Quote:
80.191.80.84 - - [18/Jul/2007:04:21:13 +0800] "GET /ss-xs/?action-spacelist-uid-356-type-blog-starttime-1181520000-endtime-1$
80.191.80.84 - - [18/Jul/2007:04:21:53 +0800] "GET /forum/archiver/tid-1303.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:22:18 +0800] "GET /forum/archiver/tid-819.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:22:37 +0800] "GET /ss-xs/?17/spacelist-blog.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:22:44 +0800] "GET /ss-xs/?viewthread-1745.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:23:21 +0800] "GET /forum/archiver/tid-2074.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:23:29 +0800] "GET /forum/forumdisplay.php?fid=35 HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:23:58 +0800] "GET /forum/archiver/tid-998.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:24:02 +0800] "GET /forum/archiver/tid-784.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:25:01 +0800] "GET /whm-server-status HTTP/1.0" 200 21150
80.191.80.84 - - [18/Jul/2007:04:25:01 +0800] "GET /forum/archiver/tid-2100-page-1.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:25:10 +0800] "GET /forum/archiver/tid-1211-page-3.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:25:37 +0800] "GET /forum/archiver/tid-834.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:25:40 +0800] "GET / HTTP/1.0" 200 2860
80.191.80.84 - - [18/Jul/2007:04:26:25 +0800] "GET /forum/archiver/tid-623.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:26:41 +0800] "GET /forum/archiver/tid-25.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:27:18 +0800] "GET /ss-xs/?10/viewspace-18 HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:27:44 +0800] "GET /forum/archiver/tid-802-page-2.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:27:48 +0800] "GET /forum/archiver/tid-1802-page-7.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:28:15 +0800] "GET /forum/archiver/tid-1569-page-2.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:28:31 +0800] "GET /forum/archiver/tid-1133.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:30:02 +0800] "GET /whm-server-status HTTP/1.0" 200 21041
80.191.80.84 - - [18/Jul/2007:04:30:19 +0800] "GET /forum/archiver/tid-462-page-1.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:30:34 +0800] "GET /forum/archiver/tid-1900.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:30:42 +0800] "GET /ss-xs?693 HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:30:46 +0800] "GET /forum/archiver/tid-1501-page-2.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:31:48 +0800] "GET /forum/archiver/tid-2055.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:31:58 +0800] "GET /forum/archiver/tid-2050-page-2.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:34:04 +0800] "GET / HTTP/1.0" 200 2860
80.191.80.84 - - [18/Jul/2007:04:34:32 +0800] "GET /forum/archiver/tid-2019.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:34:53 +0800] "GET /forum/archiver/tid-744.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:34:59 +0800] "GET /forum/archiver/tid-2135.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:35:01 +0800] "GET /whm-server-status HTTP/1.0" 200 21102
80.191.80.84 - - [18/Jul/2007:04:35:11 +0800] "GET /ss-xs/archiver/ HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:36:38 +0800] "GET /forum/archiver/tid-781-page-2.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:37:04 +0800] "GET /forum/archiver/tid-1216.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:38:09 +0800] "GET /ss-xs/?viewthread-1879.html HTTP/1.1" 404 -
80.191.80.84 - - [18/Jul/2007:04:38:29 +0800] "GET /forum/archiver/tid-275.html HTTP/1.1" 404 -
127.0.0.1 - - [18/Jul/2007:04:40:02 +0800] "GET /whm-server-status HTTP/1.0" 200 21191
how do I make my apache to log the access log in details again?
Can't access apache update in WHM I get an http 500 error page.
View 4 Replies View RelatedI'm trying to set up Apache on CentOS 4. I'm using Apache 2.0 and it can't seem to access anything outside of the /var/www directory - it gives an Error 403.
I thought this would be down to SELinux but this is disabled. I've run the following command on the directory but with no luck:
Code:
chown apache /home/jmaskell -R
I m newbie to apache server. I have created a web site using apache server with theURL... tutorial. I m able to access my web site on my ip address bt unable to access it using other ip of linux system. I m CentOS user. I can ping that ip with my ip. I have edited files as described in the tutorial.
View 1 Replies View RelatedTrying to access my website, which is running on my PC on Apache XAMPP, from another PC by typing:
http://IP:80 and I get a simple page not found error.
Firewall on router and PC are disabled.
Port forwarding is done.
Apache is running on port 80 and port 444
Added to httpd-xampp.conf:
I can't reach my website, I get a "corrupted content" error message in the browser.Looking into apache (version 2.4.7), I get
Code:
~$ apachectl -S
AH00526: Syntax error on line 22 of /etc/apache2/sites-enabled/000-default.conf:
SSLCertificateKeyFile: file '/etc/ssl/private/owncloud.key' does not exist or is empty
Action '-S' failed.
However, I double checked that the file is in the appropriate location and does contain the key, so maybe apache has no permission. afaik, it doesn't run as root all the time - or only for a short time?
permissions for the key file are as follows:
Code:
~$ sudo ls -l /etc/ssl/private/owncloud.key
-rw-r--r-- 1 root ben 1704 Sep 28 04:01 /etc/ssl/private/owncloud.key
, where ben is my normal user.
It was suggested to me on the httpd IRC channel that maybe apparmor was doing something wrong, but I don't know how to investigate that.
to open EML files on apache webserver, actually when I load an eml (outlook email message) by using an URL, it shows the email code, it is not pasing it correctly.
What libraries (apache or system) do I need installed to parse this kind of files?
Im using apache 2.0.6.3, php 5.2.6 and RHE 5.2
Yesterday I was told by my hosting provider that my machine was at kernel panic, so they restarted it and I restarted my webserver (Apache).
I created a sub folder as I wanted to install a PHP script, so I created the folder using FTP and uploaded all of the script files.
The problem is, when I now visit that URL, my browser is asking me to download the .php file instead of the webserver executing it:
[url]
My web host said this:
it sounds like you aren't loading your php module library in your apache.conf and/or not associating the .php extension.
log file for one of our accounts.
I going to /usr/local/apche/domlogs and but in this folder I can found logs for today only.
How can I found previous log files?
