Editing httpd.conf (openshift.conf) to create an apache Alias - openshift

Is there a way to make a simple edit to (httpd.conf) with OpenShift and have it persist across restarts?
`${HOME}php/configuration/etc/conf.d/openshift.conf`
Here is what I would like to do:
I just need to make an apache directory alias (NOT a DNS alias) and define a directory with some permissions.
Here is what I've tried:
I manually edited the file on rhc and restarted the app from my local command prompt. This overwrote my edited file with the default cartridge file when the restart was complete.
$ rhc app restart
Added some herdoc statements to my deploy script, commited the change, and pushed to rhc (I didn't think this would work but tried it just in case.)
#.openshift/action_hooks/deploy
cat << EOF >> ${HOME}php/configuration/etc/conf.d/openshift.conf
all of my edits ...
EOF
Is there a smarter way to do this or must I build my own cartridge to make a simple edit to httpd.conf?
Thanks for your help is much appreciated!
Jay

Found the answer to my own question:
After looking through the documentation for creating a cartridge the answer was staring me in the face (section under first steps talks about creating a symlink to the modules directory.)
What I really wanted to do with the alias was to point to files outside of the ApacheDocument root. FollowSymLinks is enabled in the cartridge, so all I had to do was create a symlink and it did exactly what I was trying to accomplish with the Alias (not sure why I didn't see that sooner).
So instead of this in the apache conf file...
Alias /publicly-visible-alias "/some/path/outside/of/document/root"
<Directory "/some/path/outside/of/document/root">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
I used this in the .openshift/action_hooks/deploy
ln -s /some/path/outside/of/document/root ${OPENSHIFT_REPO_DIR}/sub-directory/publicly-visible-alias
The .htaccess file inside of /publicly-visible-alias directory took care of all the other details (mod_rewrites, document index, etc... etc...)
Hope this helps someone else.
Jay

Related

Have index.html file but still getting a directory listing

I have an index.html file in my Apache DocumentRoot directory but when I go to my URL, I am still getting a directory listing of my DocumentRoot directory instead of the index.html file being displayed. The apache access_log shows 200's when I reload the page. Any suggestions?
Use
DirectoryIndex index.html
It tells apache what document to show for a directory request.
update
You should specify just the filename that apache will look for in the folder requested.
Not saying this will fix it for you, but for me when first getting started with Apache2 it was file permissions that would get forgotten when moving or writing new file under the web root directory
ls -hal /var/www/host_one/index.html
If above doesn't have read (r) permissions for the same user:group or if the ownership doesn't include the user/group of the web server, then try the following for allowing group reads
# Modify ownership, change 'www_host' to Apache2 group
chown ${USER}:www_host /var/www/host_one/index.html
# give read+write (6) to user and read (4) to group owners
chmod 640 /var/www/host_one/index.html
Try refreshing the website and see if permissions where the issue. Note most web documents only require read permissions and ownership to be correct for browsers to be allowed to pick them up for rendering, on rare occasions you may need executable (1 or x) permissions for server scripts (be cautious of ownership in such cases) and last write permissions (2 or w) should likely never be seen without good reasons on files within your web root.
Second thing to try, use the index.html within your browsers URL bar
# by IP
http://192.168.0.100/index.html
# by domain
http://site-name.local/index.html
If the above loaded your document then, like #Pekka 웃 stated already, you've likely got a server option that's missing or enabling directory listings instead of looking for a index page within that directory. If this is the problem then there's two ways of fixing it that I've tried in the past. One, htaccess configuration to disable directory listing within that sub-directory, two, server vhost configuration to prevent whole site from directory listings. Personally I prefer to use option two and then on directories that should be allowed to be listed place an htaccess config for permissions instead of denials.

Changing Apache directives on GoDaddy shared server

The site I'm working on is hosted on GoDaddy's shared servers. I need to increase the limit on the Apache directive LimitRequestBody. I've tried adding the following to .htaccess:
LimitRequestBody 20250000
But that doesn't have any effect. I've called GoDaddy support several times, and nobody there seems to know how to help.
Any ideas?
Make sure your .htaccess file is affecting the correct directory - the one where the script you want to limit lives. To affect only that directory, put your .htaccess file in the root directory(above your script) and wrap your directive with
<Directory "/var/www/path/to/script">
LimitRequestBody 20250000
</Directory>
After you change the .htaccess file, you need to run
# service httpd reload
I hope this helps.

Apache giving 403 forbidden errors

Ok, so i've previously set up two virtual hosts and they are working cool. they both house simple web projects and work fine with http://project1 and http://project2 in the browser.
Anyway, I've come to add another vhost. I edited the /etc/hosts file with 127.0.0.1 project3 and also updated the httpd-vhosts.conf file by copy and pasting the previous entries for project2 and editing the file path.
I've checked all the file and folder permissions (in fact I copied and pasted from project2) and simply put a "hello world" message in the index.php file.
I get a 403 forbidden permission denied message when accessing http://project3
Why is this, I just can figure out what step I've missed as everything seems to be set up correct.
Check that :
Apache can physically access the file (the user that run apache, probably www-data or apache, can access the file in the filesystem)
Apache can list the content of the folder (read permission)
Apache has a "Allow" directive for that folder. There should be one for /var/www/, you can check default vhost for example.
Additionally, you can look at the error.log file (usually located at /var/log/apache2/error.log) which will describe why you get the 403 error exactly.
Finally, you may want to restart apache, just to be sure all that configuration is applied.
This can be generally done with /etc/init.d/apache2 restart. On some system, the script will be called httpd. Just figure out.
I just fixed this issue after struggling for a few days. Here's what worked for me:
First, check your Apache error_log file and look at the most recent error message.
If it says something like:
access to /mySite denied (filesystem path
'/Users/myusername/Sites/mySite') because search permissions
are missing on a component of the path
then there is a problem with your file permissions. You can fix them by running these commands from the terminal:
$ cd /Users/myusername/Sites/mySite
$ find . -type f -exec chmod 644 {} \;
$ find . -type d -exec chmod 755 {} \;
Then, refresh the URL where your website should be (such as http://localhost/mySite).
If you're still getting a 403 error, and if your Apache error_log still says the same thing, then progressively move up your directory tree, adjusting the directory permissions as you go. You can do this from the terminal by:
$ cd ..
$ chmod 755 mySite
If necessary, continue with:
$ cd ..
$ chmod Sites
and, if necessary,
$ cd ..
$ chmod myusername
DO NOT go up farther than that. You could royally mess up your system.
If you still get the error that says search permissions are missing on a component of the path, I don't know what you should do. However, I encountered a different error (the one below) which I fixed as follows:
If your error_log says something like:
client denied by server configuration:
/Users/myusername/Sites/mySite
then your problem is not with your file permissions, but instead with your Apache configuration.
Notice that in your httpd.conf file, you will see a default configuration like this (Apache 2.4+):
<Directory />
AllowOverride none
Require all denied
</Directory>
or like this (Apache 2.2):
<Directory />
Order deny,allow
Deny from all
</Directory>
DO NOT change this! We will not override these permissions globally, but instead in your httpd-vhosts.conf file.
First, however, make sure that your vhost Include line in httpd.conf is uncommented. It should look like this. (Your exact path may be different.)
# Virtual hosts
Include etc/extra/httpd-vhosts.conf
Now, open the httpd-vhosts.conf file that you just Included. Add an entry for your webpage if you don't already have one. It should look something like this. The DocumentRoot and Directory paths should be identical, and should point to wherever your index.html or index.php file is located. For me, that's within the public subdirectory.
For Apache 2.2:
<VirtualHost *:80>
# ServerAdmin webmaster#dummy-host2.example.com
DocumentRoot "/Users/myusername/Sites/mySite/public"
ServerName mysite
# ErrorLog "logs/dummy-host2.example.com-error_log"
# CustomLog "logs/dummy-host2.example.com-access_log" common
<Directory "/Users/myusername/Sites/mySite/public">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
</VirtualHost>
The lines saying
AllowOverride All
Require all granted
are critical for Apache 2.4+. Without these, you will not be overriding the default Apache settings specified in httpd.conf. Note that if you are using Apache 2.2, these lines should instead say
Order allow,deny
Allow from all
This change has been a major source of confusion for googlers of this problem, such as I, because copy-pasting these Apache 2.2 lines will not work in Apache 2.4+, and the Apache 2.2 lines are still commonly found on older help threads.
Once you have saved your changes, restart Apache. The command for this will depend on your OS and installation, so google that separately if you need help with it.
I hope this helps someone else!
PS: If you are having trouble finding these .conf files, try running the find command, such as:
$ find / -name httpd.conf
restorecon command works as below :
restorecon -v -R /var/www/html/
Notice that another issue that might be causing this is that, the "FollowSymLinks" option of a parent directory might have been mistakenly overwritten by the options of your project's directory. This was the case for me and made me pull my hair until I found out the cause!
Here's an example of such a mistake:
<Directory />
Options FollowSymLinks
AllowOverride all
Require all denied
</Directory>
<Directory /var/www/>
Options Indexes # <--- NOT OK! It's overwriting the above option of the "/" directory.
AllowOverride all
Require all granted
</Directory>
So now if you check the Apache's log message(tail -n 50 -f /var/www/html/{the_error_log_file_of_your_site}) you'll see such an error:
Options FollowSymLinks and SymLinksIfOwnerMatch are both off, so the RewriteRule directive
is also forbidden due to its similar ability to circumvent directory restrictions
That's because Indexes in the above rules for /var/www directory is overwriting the FolowSymLinks of the / directory. So now that you know the cause, in order to fix it, you can do many things depending on your need. For instance:
<Directory />
Options FollowSymLinks
AllowOverride all
Require all denied
</Directory>
<Directory /var/www/>
Options FollowSymLinks Indexes # <--- OK.
AllowOverride all
Require all granted
</Directory>
Or even this:
<Directory />
Options FollowSymLinks
AllowOverride all
Require all denied
</Directory>
<Directory /var/www/>
Options -Indexes # <--- OK as well! It will NOT cause an overwrite.
AllowOverride all
Require all granted
</Directory>
The example above will not cause the overwrite issue, because in Apache, if an option is "+" it will overwrite the "+"s only, and if it's a "-", it will overwrite the "-"s... (Don't ask me for a reference on that though, it's just my interpretation of an Apache's error message(checked through journalctl -xe) which says: Either all Options must start with + or -, or no Option may. when an option has a sign, but another one doesn't(E.g., FollowSymLinks -Indexes). So it's my personal conclusion -thus should be taken with a grain of salt- that if I've used -Indexes as the option, that will be considered as a whole distinct set of options by the Apache from the other option in the "/" which doesn't have any signs on it, and so no annoying rewrites will occur in the end, which I could successfully confirm by the above rules in a project directory of my own).
Hope that this will help you pull much less of your hair! :)
it doesn't, however, solve the problem, because on e.g. open SUSE Tumbleweed, custom source build is triggering the same 401 error on default web page, which is configured accordingly with Indexes and
Require all granted
The server may need read permission for your home directory and .htaccess therein
You can try disabling selinux and try once again using the following command
setenforce 0
In my case it was failing as the IP of my source server was not whitelisted in the target server.
For e.g. I was trying to access https://prodcat.ref.test.co.uk from application running on my source server.
On source server find IP by ifconfig
This IP should be whitelisted in the target Server's apache config file. If its not then get it whitelist.
Steps to add a IP for whitelisting (if you control the target server as well)
ssh to the apache server
sudo su -
cd /usr/local/apache/conf/extra (actual directories can be different based on your config)
Find the config file for the target application for e.g. prodcat-443.conf
RewriteCond %{REMOTE_ADDR} <YOUR Server's IP>
for e.g.
RewriteCond %{REMOTE_ADDR} !^192\.68\.2\.98
Hope this helps someone
Add
<Directory "/path/to/webroot">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order allow, deny
Allow from all
Require all granted
</Directory>
What this does is tell Apache2 to override any previous configs, and allow (200) from all before denying. (403) It also requires all requests to be granted. This code will have to go in every vhost file, but it does work. I have been using this for over a year.
to your config file (e.g. /etc/apache2/sites-enabled/000-default.conf)
Tested LAMP stack Debian 11

Cannot login to phpMyAdmin, no errors shown

I have MySQL set up correctly on my linux computer, however I want a better way to input data into the database besides terminal. For this reason, I downloaded phpMyAdmin. However, when I try to log in to the phpMyAdmin from index.php, it doesnt do anything. It seems to just refresh the page without doing anything. I am putting in the correct MySQL username and password. What is the issue?
Here is a screen shot of what it shows after I click "go".
This is a possible issue when the path to save php_session is not correctly set :
The directory for storing session does not exists or php do not have sufficient rights to write to it.
To define the php_session directory simply add the following line to the php.ini :
session.save_path="/tmp/php_session/"
And give write rights to the http server.
usually, the http server run as user daemon in group daemon. If it is the case, the following commands will make it :
chown -R :daemon /tmp/php_session
chmod -R g+wr /tmp/php_session
service httpd restart
Login fails if session folder in not writeable. To check that, create a PHP file in your web directory with:
<?php
$sessionPath = 'undefined';
if (!($sessionPath = ini_get('session.save_path'))) {
$sessionPath = isset($_ENV['TMP']) ? $_ENV['TMP'] : sys_get_temp_dir();
}
if (!is_writeable($sessionPath)) {
echo 'Session directory "'. $sessionPath . '"" is not writeable';
} else {
echo 'Session directory: "' . $sessionPath . '" is writeable';
}
If session folder is not writeable do either
sudo setfacl -R -m u:www-data:rwx <session directory> or chmod 777 sudo setfacl -R -m u:www-data:rwx <session directory>
-
I am late to the game, but on Amazon linux AMI I could not log in to phpmyadmin ... it just kept refreshing the login screen with no errors.
I have fixed with below command
sudo chmod -R 755 /var/lib/php/session
I fixed my issue on CentOS 7 with MariaDB and phpmyadmin I downloaded from offical phpmyadmin site by adding
session.save_path = "/var/lib/php/session"
to /etc/php.ini
and
chown -R :lighttpd /var/lib/php/session
I also restarted php-fpm and lighttpd after
In my case the solution was to set an Apache setting properly:
ProxyPassReverseCookiePath
This was required, because ProxyPass and ProxyPassReverse were in use, but cookie paths are not changed automatically.
It'd be great if PHPMyAdmin had shown something like session not found or anything, when password is sent with POST.
Do you have a .htaccess file in one of the parent directories that strips off index.php from the url by doing a 301 redirect?
301 redirects discard the form data and redirect you as if you didn't submit anything. So you get returned to the login page.
So you should create a local .htaccess file in the phpmyadmin directory with a single line RewriteEngine On. This will overwrite the previous rewrite rule to nothing.
You may need to clear the browser cache as Chrome aggressively caches 301 redirects.
In my case the hard drive was full.
Use df -h to check the space left on your hard drive, and if you want you can free some space by using the command sudo apt-get clean, which removes installation files.
I hope this will help some future users.
I ran these commands and it worked for me:
sudo service httpd restart
sudo service mysqld stop
sudo service mysqld start
Try searching the web for installation or setup guides for phpMyAdmin. Look at two or three of these and make sure you have covered all the required steps. (If you have already done so, please include which guides you have followed it in the question).
See if it helps to edit config.inc.php (acecoder mentioned this as well).
Check if this guide is of any help.
Which distro are you on? Try searching for the name of the distro you are using together with "phpMyAdmin guide" or "phpMyAdmin setup howto".
If you encounter errors along the way, post the error text here, if it's short (or paste via a pastebin-like site if it's long).
Are you sure that mysql is running? I had the same issue after doing a database import and filling up the volume containing the mysql database. After changing various permissions and clearing sessions, I tried to restart mysql (/etc/init.d/mysql restart) and it failed because the volume was full. After increasing /var and starting mysql successfully, I was able to log into phpmyadmin just fine.
If you have an error like:
Host 'host_name' is blocked because of many connection errors.
Login in your mysql as root and run the flush hosts command
1.- mysql -u root -p
2.- mysql > flush hosts
After this I was able to login again in phpmyadmin
phpMyAdmin will show errors when login fails. If it doesn't, it means that your setup has an error.
The most likely place to check is your php.ini settings. Since there doesn't seem to be an official list of phpMyAdmin-compatible settings, it's mostly trial and error.
Make sure you have enabled the stuff that needs to be enabled. Also check that you did not enable uncommon php.ini settings (like enable_post_data_reading = Off) because phpMyAdmin assumes them to be "the usual ones".
To ease debugging, start with a clean default php.ini file then tweak them line by line to see which setting is causing the error. (Don't forget that you need to restart your server after changing the php.ini file for the changes to take place.)
In my case it was due to an old Apache session.
Stop Apache, clear all pending sessions in your sessions.save_path directory (example: /var/lib/php/session) and restart Apache.
Make sure to set a 32 chars long random key in 'config.inc.php' in the $cfg['blowfish_secret'] value. That solved it for me.
Didn't realize I need to restart MariaDB after modifying config.inc.php:
service mariadb restart
Otherwise at least in my case changes didn't come affect. Also make sure your php session directory is writable by webserver (typically session.save_path = "/var/lib/php/session")

How do I create an alternative root for XAMPP?

I understand that the root of xampp is the htcdocs directory - but I want to create my own directory in my home folder and have that server as my root so that I don't have to go through a million folders to save a file.
I can accomplish this using a symbolic link, but is there a better way to do this????
Thanks so much.
You'll need to edit your httpd.conf file and the restart the server. There should be two things you'll need to replace: the DocumentRoot={current} and a . Just replace the existing path with the path you'd like it to be and restart apache. It should now be serving from the new directory instead of the old one.
You can also use virtual hosts to assign the directory in your home folder to a new domain/ipaddress/port/whatever, but that's quite a bit harder to do.
You can use following link to create Virtual Host -
http://www.mikebernat.com/blog/Adding_Virtual_Hosts_to_Apache_&_Wampserver
Although this is for WAMP. Same information can be used for XAMP