I'm trying to set up Apache on CentOS 4. I'm using Apache 2.0 and it can't seem to access anything outside of the /var/www directory - it gives an Error 403.
I thought this would be down to SELinux but this is disabled. I've run the following command on the directory but with no luck:
i manage linux apache webserver with a few wordpress blogs and from time to time i see someone inject a malicious .php file into wp-content/uploads/2014/10/ directory.
i think its some bad plugin or theme, but these is more blogs, i ugrade, update, WP, but
how can i setup some monitor to tell me which php file (or even line in php file) injected that malicious .php ? I have linux root access so i can setup anything
if there's an OS where that is possible?...i'm probably in the wrong section at this point, but i was thinking about using Remote Desktop to accomplish this...something like a Virtual Private Network... but i don't have XP pro or any other system that could act like a server...
my goal is to allow staff working off site to easily access files through windows programs like ms word or ms excel to save, edit, etc -- files would be located on the web server or on a network computer on site (not necessarily a network server)
I have download manager script that I use for my customers to download products right after the purchase.
Script generates download link that looks like this:
http://www.yourwebsite.com/download/...582921B&p=1840 (where 2YY6582921B is receipt number that is different with each purchase).
All products are placed in one folder. This folder can not be seen in above download url, but can be accessed thru browser and files can be downloaded that way without paying for them.
Can I use .htaccess and if yes how, to protect all product files the way that they can not be accessed directly by visiting url thru browser (in case somebody will find the correct url), they should be allowed for access only for my download manager script.
Code: curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($curl, CURLOPT_USERPWD, '[user]:[pass]'); but I can't figure out how to get past the login:
Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required. Apache/2.0.52 (CentOS) Server at ****** Port 80
We will be hosting our own closed source solutions and need to be able to not give customers access to the files in their webspace.FTP and SSH access will be blocked in the firewall, so that it easy.I see it is possible to disable access to FTP users information, but the file manager is still usable in the CCP (Customer Control Panel / Hosting Panel).Can this file manager be disabled as well?
We have Panel Plesk 11.5.30 in Windows 2008 R2. when you go to File Sharing in all the Subscriptions, appears this error: Internal error: Unable to access File Sharing repository with the system user name "admin": wrong username or password
This happen since we do the update to the new version 11.5.30 ...
I m newbie to apache server. I have created a web site using apache server with theURL... tutorial. I m able to access my web site on my ip address bt unable to access it using other ip of linux system. I m CentOS user. I can ping that ip with my ip. I have edited files as described in the tutorial.
I can't reach my website, I get a "corrupted content" error message in the browser.Looking into apache (version 2.4.7), I get
Code: ~$ apachectl -S AH00526: Syntax error on line 22 of /etc/apache2/sites-enabled/000-default.conf: SSLCertificateKeyFile: file '/etc/ssl/private/owncloud.key' does not exist or is empty Action '-S' failed.
However, I double checked that the file is in the appropriate location and does contain the key, so maybe apache has no permission. afaik, it doesn't run as root all the time - or only for a short time?
permissions for the key file are as follows:
Code: ~$ sudo ls -l /etc/ssl/private/owncloud.key -rw-r--r-- 1 root ben 1704 Sep 28 04:01 /etc/ssl/private/owncloud.key
, where ben is my normal user.
It was suggested to me on the httpd IRC channel that maybe apparmor was doing something wrong, but I don't know how to investigate that.
I have installed Apache 2.4.3, and PHP 5.4.5 64-bit, and I have installed PostgreSQL 9.2 64-bits under my new system windows 7 64 bits. Apache and PHP could work nicely, and PostgreSQL run fine too. However, PHP couldn't access the PostgreSQL. pg_connect(), and followed by echo select version(), didn't give any error. When PostgreSQL module was not loaded (because my php dir was d:php, but inside httpd.conf i type D:/PHP), I got message saying something like "undefined pg_connect()." I fixed it, but select version() or any other echo after pg_connect() didn't give any output.
i signed up for vps from vps.me and i got ssh credential i logged in ssh using token2shell but when i put my server ip "10.223.1.157" in google chorome but then it says unable to find even i am not able to access ftp through filezilla also
I have XAMPP server which works fine. When I wanted to load webpages through my lan network it said I need to edit httpd-xampp.conf. When I try to load from internet there is no connection at all. I changed httpd-xampp.conf from this
Code :
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))"> Order deny,allow Deny from all Allow from 127.0.0.0/8 ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var </LocationMatch>
When a user enters the whole url to a file on the webserver he/she can view this file. I want to prevent this and only allow access to the files from within the application (under apache). How can I do that? I already tried:
<Directory /var/www/html/folder/files> order deny,allow allow from localhost </Directory>
This works BUT the file also isn't viewable from within the application anymore.
I recently installed Apache/2.0.64(win32)on my Windows 7 machine and am having a problem with external access. The installation appears to be good as it shows all services running and I can access a basic index.html file through 127.0.0.1
I have ruled out any router or firewall issues and am fairly sure the problem is with the httpd config. But the only changes I've made are to the NameServer and Listen directives, so I'm lost for an answer to the problem.
The NameServer is set to my actual IP address while the Listen one is set to my servers internal IP address, but I have tried switching them around with no success.
The other thing I don't know is if I need to have SQL and myPHP installed just to check basic functionality.
I made the idiotic move of not making a backup of the default configs and now I can't access my http website externally. ssl works fine, but I need http to work too.
I'm looking for how to deny an IP access to my server. Not just a particular site. I have several sites on my server. Do I need to put that denial in each and every .htaccess file? Is there some way I can specify an IP denial to everything anywhere on my server?
I have a lamp server setup with a couple of vhosts. Investigating the log files for a situation I found that it seems to be missing some entries. The access log contains a long list of files (images and css) requested by the client regarding a request to a page (having a specific url as referer), but the actual request is missing. The url called is an automatically generated url that should only be available as an unsubscribe link in emails send to a specific user, thus the use of it in the logs is limited
At the same time I can find log entries in our database that I am 99.9% sure can only originate from this specific URL being requested (never say never). These log entries are stamped just before all the auxiliary requests having the url as referer, but again the actual request is not to be found.