Heres the scenario: In the root of the server i have an folder named "data".
In this folder is a file named "random-file.html". Now I want, that you can't see the contents of the folder "data" if you type "domain.com/data/" but you have access to the file "random-file.html" and can it.
Sure you can. You can hide it using .htaccess. I assume you use xampp server. You can see this [1] https://www.opentechguides.com/how-to/article/apache/115/htaccess-file-dir-security.html
If I recall correctly, the most secure practice is to keep sensitive files outside the root of your webserver all together. Create a folder on the VM or server which your app is hosted and have your application read/write/use it from there.
Most serverside frameworks/tools have a "websecrets" type functionality you could use. But this step above is my 'framework agnostic' advice.
Related
I have http://192.168.230.237:20080 Server
file located on "/etc/Jay/log/jay.txt"
I tried with "http://192.168.230.237:20080/etc/Jay/log/jay.txt" this link gives me "404 NOT Found"
Here I can I link my file to link
Your HTTP server will have a configuration option somewhere (Apache HTTPD calls it DocumentRoot) which determines where http://example.com/ maps onto the filesystem of the computer.
Commonly this will be /var/www/.
Unless you change it to / (which would expose your entire filesystem over HTTP and is very much not recommended), you can't access arbitrary files on the computer.
/etc/ is used to store configuration information for software installed on the computer. It should almost never be exposed outside the computer.
The best solution to your problem is probably:
Look at the configuration of your HTTP server and identify the document root (e.g. /var/www/)
Move your website files to that directory
If you really want to expose files under /etc via HTTP then you could also change the document root.
Your webserver might also support features like Apache HTTPD's Alias directive which allows you to map a URL onto a file that can be outside the DocumentRoot.
I want to learn AngularJs from http://www.tutorialspoint.com/angularjs
but an example must be deployed a server. I don't know anything about it.
Please give me some hint about deploy .htm extension file to a server.
Example url is following;
http://www.tutorialspoint.com/angularjs/angularjs_includes.htm
I believe that they just mean placing the files somewhere inside the web root. The web root should be deployed by your local or remote server.
Example:
Download and install MAMP.
Set your root directory as the MAMP root directory in preferences.
Now you can use your own paths -- just follow the example in the link you provided.
https://www.mamp.info/en/
Also, I'm of the opinion that it's good practice to at least use a local web server as opposed to running your website without one.
You don't need a webserver to test the code given in that example. ng-include using relative paths works fine.
However, if you really want to use a webserver for other examples/projects, depending upon your OS, you can use *AMP. where * means
W for windows
L for linux
once you have it installed, place the files in www folder. and access it in browser using http://localhost
Firstly I add my app folder under
D:\tomcat7\apache-tomcat-7.0.67-windows-x64\apache-tomcat-7.0.67\webapps
after I run tomcat server .
And run
http://localhost:8080/an/ht.htm
It is working :) Thanks #ketchupisred #Mridul Kashyap
I need a cgi-bin but I can't find one when I am connected on Filezilla or cPanel, it's just public_html and that's it.
What do I do? I have looked online and it says that I need to use a command line but I have no clue how I would do that!
The "cgi-bin" directory does not exist until you create it with your FTP program at the top level of your Web site directory. From the perspective of your FTP program, it's just a normal directory (folder) that you can create, but it's treated differently by the server because of its special name.
Open your Filezilla program and connect to your website.
When you are in your top-level directory, (Where you see "public_html")
Right-click anywhere in the the window and select "create directory."
Simply name the directory "cgi-bin"
You're done!
I've been following the Fortrabbit's guide to install phpMyAdmin.
I've managed to put the folder in my htdocs, but from what I read I must actually upload it into the app root below htdocs. Problem is the app root has write protection and I can't seem to change permissions via SFTP.
Any solutions?
Edit
Solved. I had my Root Path under settings set to htdocs/public, so I couldn't hit the phpMyAdmin folder. Setting the Root Path back to htdocs/ enabled me to access it like normal.
Where did you read it must go to the app root? I don't see that in the tutorial, but admit I may have missed it. Also, I'm not clear what you mean by "app root".
Note that in this case, there are three different 'root' folders, be careful not to get confused.
The file system root, /. All the files on your server live here. Depending how fortrabbit configures their system, you may not even have access to this.
The web folder root. Files in this folder and below are available online through your webserver.
The SFTP root. This also depends on how fortrabbit configures their server, it could be your web root, the file system root, or your home directory. You may be able to change to other folders, or maybe not.
Normally, htdocs is the root or base folder where your webserver is looking for files to serve. It isn't clear from my browsing the fortrabbit site if they do anything odd with their configuration, so this is a close approximation for what most servers look like. For the sake of illustration, we'll pretend that htdocs is in /var but it can be anywhere on disk.
So the file system might look a bit like:
/
/bin/
/etc/
/home/MichaelHanslo/
/home/MichaelHanslo/budget_presentation.odf
/var/
/var/htdocs/
/var/htdocs/index.html
/var/htdocs/pma/
/var/htdocs/calendar/
/var/htdocs/calendar/modify.php
/var/logs/
So in that scenario, going to http://example.com/ loads the file /var/htdocs/index.html, going to http://example.com/calendar/modify.php loads /var/htdocs/calendar/modify.php. So in most cases, you want to create a folder under htdocs for phpMyAdmin; you can call it anything you want (in my example above, I used 'pma'). Anyway, if you don't have permission to create the folder under your web root, then you should definitely ask your host for help, because something isn't right.
Hope that helps clear it up for you.
i am creating a web page to show the contents of a folder so that people can view the files and download them if needed.
Click here to view Folder
But i wanna do this without any coding what so ever, i found this code which lets me view files.
The problem i am facing is that when i double click the html page and open it this hyperlink works and i get what i need but when i access the page through a server (IIS 7) then the hyperlink does nothing ?
am i to set some permissions or what ?
can someone tell me what im doing wrong ?
The link will work when the file you want to download is on your own personal computer, which in your case is true if you're just showing the HTML file locally. It won't be true for users visiting your website from another computer though.
If you want to serve the file on a server, you need to link to the path on the server itself, that is, if the file is in C:\inetpub\wwwroot\test_pages, your A HREF looks like this:
Click here to view Folder
Offcourse, this will work for simple files. For folders, you need to enable the webserver to show directory contents by enabling Directory Browsing.
There are security implications of linking to a local file from an online source. It works when the page is held locally but when on a server it puts a stop to it.
You can also use linux build-in command Tree, in example below you can see that i only want to add files that are matching .tar.gz or .zip or .tar.bz2
tree -P "*.tar.gz|*.zip|*.tar.bz2" -h -D --dirsfirst -r -H . > index.html;
You can also add a custom css to the page for a better looking output.
Straighforward and highly secure since the result is only html
as you use windows you can use www.cygwin.com to emulate a linux environement