Apache Treats Files As Folders
Mar 5, 2014
I have just discovered in my access log some people accessing urls like this:
domain.com/index.php/index.php/ or even
domain.com/index.php/index.php/index.php
I have opened those links in browser and they worked. Why?
My .htaccess is empty and I have no 'index.php' folder. But I do have 'index.php' file.
I think this is happening to most php sites, not just mine. This is a random example:
[URL] ....
My question is how to force apache to return 404 error when such url is accessed?
View 1 Replies
ADVERTISEMENT
Feb 22, 2008
I'd like to know how to secure an SMF site. Is the default permission good enough?
View 4 Replies
View Related
Jul 13, 2008
Something weird happening here. I have tried every string possible...
There are a number of folders I want to remove off my server, tried the good old and simple...
rm -r /folder/
And then went and ended up with a string as long as my screen. No matter what I do, as it goes recursive in to the directory it asks me if I want to remove each file individually. No matter what string or action I take it insists on asking me as it goes to delete each file.
Could this be a configuration option in CentOS?
View 3 Replies
View Related
Jun 3, 2009
I'm currently using (amongst other backup systems) rsync to an offsite space (am using BQBackup at the moment)
I'm just wondering - apart from backing up all of /home/, /var/lib/mysql/ and the important config files (httpd.conf, php.conf, etc etc) is there anything else that *needs* to be backed up?
Obviously in a worst case scenario, a new machine would be deployed with a fresh OS install (and a fresh WHM/cPanel install) so I wouldn't worry about backing up OS files or cPanel core files, although I'm wondering if there's anything apart from the /home/ directory and the MySQL databases which would be lost (and so need backing up) in the event of a crash?
View 10 Replies
View Related
Sep 1, 2007
Try this useful script to find all 777 permission files and folders in /home directory
also it can find all names of suspected folders and files you want
and then you can take the required action
to install this follow the steps
login as root
Code:
cd /root
Code:
pico checkpandnscript.sh
Enter this code and in the 5th line from the end change
email@email.com to your email
Code:
# This file will help you to find suspected folders and files in /home directory
# Coded and desgined by Alrutani Web Hosting www.alrutani.com , for more informations please contact us.
#!/bin/sh
echo " " > /root/perdfmbc
echo "################# Folders with 777 permission #################" >> /root/perdfmbc
echo " " >> /root/perdfmbc
find /home -type d -perm 777 |egrep -v "./cpapachebuild|./.cpan|./src" >> /root/perdfmbc
echo " " >> /root/perdfmbc
echo "################## Files with 777 permission ##################" >> /root/perdfmbc
echo " " >> /root/perdfmbc
find /home -type f -perm 777 >> /root/perdfmbc
echo " " >> /root/perdfmbc
echo "############### Folders & files must be checked ###############" >> /root/perdfmbc
echo " " >> /root/perdfmbc
find /home -name forum >> /root/perdfmbc
find /home -name upload >> /root/perdfmbc
find /home -name 4images >> /root/perdfmbc
find /home -name gallery >> /root/perdfmbc
find /home -name uploader >> /root/perdfmbc
find /home -name up >> /root/perdfmbc
find /home -name r57shell >> /root/perdfmbc
find /home -name r57shell.php >> /root/perdfmbc
find /home -name r57.php >> /root/perdfmbc
find /home -name c99shell >> /root/perdfmbc
find /home -name c99shell.php >> /root/perdfmbc
find /home -name c99.php >> /root/perdfmbc
find /home -name shell.php >> /root/perdfmbc
echo " " >> /root/perdfmbc
echo "###############################################################" >> /root/perdfmbc
echo "Developed by Alrutani Web Hosting http://www.alrutani.com" >> /root/perdfmbc
echo "For more informations please contact us." >> /root/perdfmbc
echo " " >> /root/perdfmbc
cat /root/perdfmbc | mail -s "Suspected files & folders in your server" email@email.com
cd /root
rm -rf perdfmbc
# This file will help you to find suspected folders and files in /home directory
# Coded and desgined by Alrutani Web Hosting www.alrutani.com , for more informations please contact us.
To add more files and folders that you want the system to list
fine
Code:
find /home -name upload >> /root/perdfmbc
after it add
Code:
find /home -name xxxxxx >> /root/perdfmbc
where xxxxx is the name of the file or the folder you want
Save file Ctrl X
select yes then click enter
Code:
chmod 755 checkpandnscript.sh
To make the script works daily
Code:
crontab -e
At the end enter
Code:
* 3 * * * sh /root/checkpandnscript.sh
save and exit done !!
now to test the script
Code:
cd /root
Code:
sh checkpandnscript.sh
you will receive email from the server
View 2 Replies
View Related
Aug 7, 2014
If users copy files/folders on Plesk Panel 11/12 with attribute "read-only", I don't see this attribute on File Manager, every time do next "attrib -r <path to file/folder".
Maybe you can improve functionality of "File Manager" on Plesk Panel 12?
View 1 Replies
View Related
Feb 20, 2015
I have a concern during the installation of PrestaShop. I created a subdomain through Plesk, put my files on my server via FTP. During installation of PrestaShop, I have a problem:
Recursive write permissions for the Apache user on the ~ / config /
My user is "NOWIS" and my group is "psacln" ....
I think the user "NOWIS" has no rights as "Apache" ....
View 3 Replies
View Related
Jun 6, 2008
we've been having issues with reaching or exceeding our disk quotas. I've checked carefully, and while I've cleared our mail queue's, I don't think that's the issue.
So what I'm really looking for is a way to figure out why we have so many files (our quota is 220000, and I'm pretty confident that we aren't intentionally doing anything to create so many files). There's lots of information on finding the folders with the largest file sizes, but locating the folders with the greatest number of files isn't quite so simple--or at least, it doesn't seem very clear to me.
Does anyone know a way via the command line to figure out this information, short of going through every single folder and figuring out how many files are in the specific folder?
View 6 Replies
View Related
Jun 23, 2014
I have the following problem, the files and folders generated by PHP are hidden in FTP.
I can see in the Plesk file manager that users, permissions and groups are the same for all files and folders (those that can be seen and those that cannot be seen from FTP).
All the options in the server are set by default. It is a new installation of Plesk 12.0.18 #4 in CentOS 6.5 (Final).
SO: CentOS 6.5 (Final)
Plesk: 12.0.18 #4
PHP: FasctCGI
Apache Modules:
View 3 Replies
View Related
Jul 12, 2007
my server has just one site, apache conf has such a line:
Code:
ScriptAlias /cgi-bin/ "/usr/local/apache/htdocs/cgi-bin/"
and
Code:
<Directory "usr/local/apache/htdocs/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
then, my cgi script may run well under the said folder,
/usr/local/apache/htdocs/cgi-bin
but I have another script need to be setup another cgi-bin under its own folder below htdocs folder, like,
/usr/local/apache/htdocs/anotherscript/cgi-bin
however, when I run the said script in browser:
Code:
http://www.mydomain.com/anotherscript/cgi-bin/abc.cgi
the browser just shows source codes, instead of running it. I am guessing something wrong in httpd.conf,
may I know how to set apache httpd.conf to meet my requirement?
View 3 Replies
View Related
Mar 19, 2013
I am working with an Apple Lion Server. I want to give users the possibility to gain access to certain share points with the webbrowser via the WebDAV protocol. The OS allows to define sharepoints with the GUI. In this GUI you can adjust, that the users are allowed to access the sharepoints via WebDAV but it is not possible to access the folders via a browser. You just get an error from the webserver after a login:
You don't have permission to access /webdav/ on this server.
So I have looked for the relevant configuration file "httpd_webdavsharing.conf" (apache v2.2)
Code:
#
# Apache Config for WebDAV Sharing
# Activated and deactivated by com.apple.webapp.webdavsharing webapp
#
RegisterResource "WebDAV Sharing: %c %s" /webdav main webdav
RewriteEngine On
RewriteMap webdavmap prg:/usr/libexec/webdavsharing/webdavsharing_mapper
[Code] .....
Is there a way to modify the code in such a way that it allows the favoured access?
View 1 Replies
View Related
Dec 4, 2008
On one of my servers i can't CHMOD 777 Files, but i can CHMOD 777 Folders.
Files are chmod 777 but on scripts installation... It's Said Please Chmod Example.php to 777
Centos 5
PHP 5
Apache 2.2.3
View 11 Replies
View Related
Oct 29, 2009
I have a problem in apache 2 Linux server.
When I create a folder called "error" in a sub domain, apache doesn't read it. I tried with different permissions and proprietary (root and sub domain owner) but doesn't read the index.html.
In other sub domain the same problem occurs.
Quote:
Forbidden
You don't have permission to access /error/ on this server.
Apache Server at sub domain.domain.com Port 80
Apache reserves the name "error" for internal use?
View 2 Replies
View Related
Jul 25, 2008
to open EML files on apache webserver, actually when I load an eml (outlook email message) by using an URL, it shows the email code, it is not pasing it correctly.
What libraries (apache or system) do I need installed to parse this kind of files?
Im using apache 2.0.6.3, php 5.2.6 and RHE 5.2
View 3 Replies
View Related
Jun 29, 2008
Yesterday I was told by my hosting provider that my machine was at kernel panic, so they restarted it and I restarted my webserver (Apache).
I created a sub folder as I wanted to install a PHP script, so I created the folder using FTP and uploaded all of the script files.
The problem is, when I now visit that URL, my browser is asking me to download the .php file instead of the webserver executing it:
[url]
My web host said this:
it sounds like you aren't loading your php module library in your apache.conf and/or not associating the .php extension.
View 5 Replies
View Related
Apr 21, 2008
log file for one of our accounts.
I going to /usr/local/apche/domlogs and but in this folder I can found logs for today only.
How can I found previous log files?
View 2 Replies
View Related
Jun 5, 2013
My server is with Centos OS. I have a cache directory which has tons of scrap files. I am unable to delete it. rm -rf dirname gives an error.Is there any way to remove this directory quickly.
View 6 Replies
View Related
Jan 20, 2008
how can i hide all files and directories in public_html so when using apps suck Flash Get Site Explorere and similar software it will not show any file or directories in public_html.
View 5 Replies
View Related
Jul 2, 2009
I have a client that is certain someone is trying to hack her web-portal. I need to set up something that will alert me on suspicious activity on the server. For example someone fiddling with requests trying to make SQL / shell .. injection and similar threats.
Does any tool (for example bash script with grep) exist that would parse the raw apache logs and report if something is suspicious. Apache logs don't show the POST data so I am talking to admin to setup dump_io apache mod that enables this.
Or am I going into wrong direction here and there is whole another way to do this? I searched the web and forums for anything like this and didn't find anything.
View 4 Replies
View Related
Jul 4, 2007
I have moved my sites from old server with Apache 1.3 to new one with Apache 2.2.4. Since that time, the error log is full of these lines:
Code:
[Wed Jul 04 05:36:32 2007] [error] [client 212.47.9.194] File does not exist: /home/domain/public_html/russia
[Wed Jul 04 05:36:39 2007] [error] [client 212.47.9.194] File does not exist: /home/domain/public_html/russia
[Wed Jul 04 05:36:45 2007] [error] [client 213.192.18.2] File does not exist: /home/domain/public_html/italy
[Wed Jul 04 05:36:57 2007] [error] [client 83.8.104.181] File does not exist: /home/domain/public_html/mexico
The access logs show even more accesses, so sometimes the same page is ok, sometimes it is logged here. The strange thing is that these files (pages) exist! They are accessible through the browser without any problem.
Do you have any idea where could be the problem? It would helped me lot, I am unable to find any real problem now, when error log is full of these.
My OS is Ubuntu 6.06. I use mod_rewrite through .htaccess. I can provide list of apache modules, if it helps.
View 3 Replies
View Related
Mar 24, 2007
I using RHES 4 + cPanel.
I have MySQL 5.x, and PHP 4.4.6.
I noticed that all sites on the server, can not parse php files, tried restarting httpd, recompiling using apache update or easyapache script, and the problem stills.
index.php is at DirectoryIndex, also Addtype shows php extension active at httpd.conf.
but, when I type "php -v" from the shell, i got this message:
Code:
php: /usr/lib/libmysqlclient.so.14: version `libmysqlclient_14' not found (required by php)
I found someone with the same problem, tested the solution posted there but it doesnt seems to solve this issue.
View 9 Replies
View Related
Oct 6, 2007
I'm moving to a dedicated server for first time in my life and I have some questions that I want to share with you all.
I have run many scripts like joomla, vbulletin, etc, and I have found that when I install a module or template or when I upload images using this scripts, the permisions of this files are wrongly assigned as they belong to apache:apache instead of myuser:mygroup.
The problem is that as my new server is going to be fully managed, I am not going to have root access to chmod this files to the right myuser:mygroup and as a consecuence I'm going to be unable to dmove or delete them usinf my ftp or shh user acount.
Hope you can help me this this issue. I need to tell my hosting company what I want to do to avoid this way of working but I have no idea of how can this be solved
View 1 Replies
View Related
May 28, 2014
I recently upgraded my Apache 2.2.22 installation on Win 8.1 to 2.4.9, making all necessary changes (I believe) to the conf files. I am puzzled that two files in the format authdigest_shm.xxxx now appear in my logs directory when the server is restarted. (Edit: there is also no httpd.pid file)I assume this is to do with running digest authentication, but is a new phenomenon since the upgrade.what conf file setting(s) have I screwed up?!
View 2 Replies
View Related
Mar 6, 2014
When a user enters the whole url to a file on the webserver he/she can view this file. I want to prevent this and only allow access to the files from within the application (under apache). How can I do that? I already tried:
<Directory /var/www/html/folder/files>
order deny,allow
allow from localhost
</Directory>
This works BUT the file also isn't viewable from within the application anymore.
View 1 Replies
View Related
Oct 13, 2014
I own a VPS server running CentOS with Cpanel WHM where no one can watch videos i post on any apple product.
The file plays fine on iphones when watching it on that website. BUT if i download that mp4 file and upload it to my own server, anyone with any iphone cant watch that video on my own server. I do now modify the file in any way. It plays fine on a PC or android phone / table but not Ipad and iphone...
Here is an example of hosting the above file on my server and linking it externally on my server. [URL] ....
View 1 Replies
View Related
Dec 15, 2013
First time configuring Apache (2.2 w/ mod_jk) and when running locally (192.168.1.x), no problem.
When configuring from a DynDns through my UVerse router, I get several JS and CSS 'not found' and of course bad rendered site.
View 5 Replies
View Related
Jan 25, 2014
I have a apache server, and i'd love to find a way to be able to upload files to my server, allowing me to view the files on my server or in a folder, allowing me to download these files, edit them and re-upload them, replacing them such as files like word documents. I want it to be web-based as i'll be using it for school work, so i can upload them.
View 2 Replies
View Related
Dec 19, 2013
URL....how to setup apache so files are downloadable from it. I guess I should also be using SSL.
View 1 Replies
View Related
Mar 7, 2014
I very much like the "readme.txt" that Apache appends to the directory listings. That is, when a browser GETs a directory, the text in that file is put underneath the list of files therein.
View 1 Replies
View Related
Feb 20, 2013
Apache httpd Users mailing list, but nobody there has responded in several days. I'm using mod_alias to map URLs to directories that are outside of Apache's DocumentRoot. However, it seems that .htaccess files are being ignored in these directories.
View 6 Replies
View Related