htaccess error: Require not allowed in <Files> context - .htaccess

I'm trying to upgrade to the latest version of phpbb3.2 by following this guide, but I'm getting a 500 Internal Server Error and the following error in my apache 2.4 error log when I try to access the /install directory:
C:/website/forum/.htaccess: Require not allowed in <Files> context
I tried googling for the "Require not allowed in Files context" error, but there are literally no results. Must be a rare or a newly introduced error.
The htaccess in question contains the following:
<IfModule mod_version.c>
<IfVersion < 2.4>
<Files "config.php">
Order Allow,Deny
Deny from All
</Files>
<Files "common.php">
Order Allow,Deny
Deny from All
</Files>
</IfVersion>
<IfVersion >= 2.4>
<Files "config.php">
Require all denied
</Files>
<Files "common.php">
Require all denied
</Files>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
<IfModule !mod_authz_core.c>
<Files "config.php">
Order Allow,Deny
Deny from All
</Files>
<Files "common.php">
Order Allow,Deny
Deny from All
</Files>
</IfModule>
<IfModule mod_authz_core.c>
<Files "config.php">
Require all denied
</Files>
<Files "common.php">
Require all denied
</Files>
</IfModule>
</IfModule>
Any idea how to solve this?
EDIT: I used the command mentioned in the guide as an alternative to the install directory steps and completed the guide, but even accessing the root forum url still gives the same error, so this issue is not related to the "install/" instructions.

AllowOverride httpd.conf directive requires an AuthConfig option to be enabled to use the Required directive in htaccess files.
https://www.phpbb.com/community/viewtopic.php?f=556&t=2492006&p=15130746#p15130746

In case of linux/ubuntu/etc, you might add AllowOverride AuthConfig in /sites-enabled/your-site.conf:
<IfModule mod_ssl.c>
<VirtualHost *:443>
...
<Directory /var/www/your_path/>
...
AllowOverride AuthConfig
...
</Directory>
</VirtualHost>
</IfModule>

Related

django.urls.base.get_script_prefix returns incorrect prefix when executed by apache

Python-3.8/Django-3.2/Mezzanine-6.0 application tries to access incorrect pages when executed by apache. In standalone mode (python manage.py runserver) it creates correct address /admin/page_types/basicpage/2677/change/ whereas in apache mode it creates address /admin/page_types/basi/admin/pages/page/2677/change/ in the same place.
Edit:
It seems to be the get_script_prefix() function in django/urls/base.py that returns incorrect prefix when accessing page 2677 in apache mod_wsgi daemon mode. In embedded mode the fault does not happen.
I don't even uderstand how this fuction call return getattr(_prefixes, "value", '/') can work as the _prefixes object does not have attribute named "value".
The _prefixes object comes from asgiref:
from asgiref.local import Local
_prefixes = Local()
Furthermore: why does django use asgiref also when not not excuted using ASGI https://asgi.readthedocs.io/en/latest/ ?
Apache configuration:
[django#tkpika03p ~]$ cat /etc/httpd/conf.d/pika.conf
#
# VirtualHost template
# Files must have the .conf suffix to be loaded.
#
# NameVirtualHost statements can be added to /etc/apache2/listen.conf.
#
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
<VirtualHost *:80>
ServerAdmin palvelin.hallinta#<myDomain>
ServerName pikaappm.<myDomain>
ServerAlias tkpika03p.ad.<myDomain>
DocumentRoot /srv/www/htdocs
ErrorLog /var/log/httpd/pika-error_log
CustomLog /var/log/httpd/pika-access_log combined
LogLevel warn
# don't loose time with IP address lookups
HostnameLookups Off
# needed for named virtual hosts
UseCanonicalName Off
# configures the footer on server-generated documents
ServerSignature Off
Alias /static/ /srv/django/pika/pika/static/
Alias /site/ /srv/django/pika/pika/static/site/
<IfModule wsgi_module>
WSGIDaemonProcess pika_wsgi user=django group=django home=/srv/django python-home=/srv/django/pika-env python-path=/srv/django/pika
WSGIProcessGroup pika_wsgi
WSGIScriptAlias / /srv/django/pika/pika/wsgi.py
WSGIApplicationGroup %{GLOBAL}
</IfModule>
<Directory "/">
require all granted
</Directory>
<Directory "/srv/www/htdocs">
Options Includes FollowSymLinks
AllowOverride FileInfo
<Limit GET OPTIONS>
<IfModule access_compat_module>
Order allow,deny
Allow from all
</IfModule>
<IfModule !access_compat_module>
Require all granted
</IfModule>
</Limit>
</Directory>
<Directory /srv/django/pika/pika>
<Files wsgi.py>
<IfModule access_compat_module>
Order allow,deny
Allow from all
</IfModule>
<IfModule !access_compat_module>
Require all granted
</IfModule>
</Files>
</Directory>
<Directory /srv/django/pika/pika/static>
# Options Indexes Includes FollowSymLinks
# AllowOverride FileInfo
<IfModule access_compat_module>
Order allow,deny
Allow from all
</IfModule>
<IfModule !access_compat_module>
Require all granted
</IfModule>
</Directory>
<Directory /srv/django/pika/pika/static/site>
# Options Indexes Includes FollowSymLinks
# AllowOverride FileInfo
<Limit GET OPTIONS>
<IfModule access_compat_module>
Order allow,deny
Allow from all
</IfModule>
<IfModule !access_compat_module>
Require all granted
</IfModule>
</Limit>
</Directory>
<Directory /srv/django/pika/pika/media>
# Options Indexes Includes FollowSymLinks
# AllowOverride FileInfo
<Limit GET OPTIONS>
<IfModule access_compat_module>
Order allow,deny
Allow from all
</IfModule>
<IfModule !access_compat_module>
Require all granted
</IfModule>
</Limit>
</Directory>
<Location />
Options Indexes Includes FollowSymLinks
SetOutputFilter INCLUDES
AddOutputFilter INCLUDES .html .ssi .css
# Order deny,allow
# Require all granted
</Location>
</VirtualHost>

Redmine on CentOS 7 phpmyadmin : error page not found

I have installed Redmine 2.5 on centos 7 with phpmyadmin and it is intalled in localhost.
but when i try 127.0.0.1/phpmyadmin or localhost/phpmyadmin i get a 404 error:
Page not found
The page you were trying to access doesn't exist or has been removed.
but phpmyadmin loads on http://127.0.0.1/phpmyadmin/index.php
when i disable virtual host localhost/phpmyadmin works.
also everything works when i assign redmine to different ipaddress.
My virtual hosts is :
<VirtualHost *:80>
ServerName www.rdmine.com
ServerAlias rdmine.com
#ServerAdmin 127.0.0.1#domain.com
DocumentRoot /var/www/redmine/public/
ErrorLog logs/redmine_error_log
<Directory "/var/www/redmine/public/">
# Options Indexes ExecCGI FollowSymLinks
# Order allow,deny
Allow from all
Options -MultiViews
# AllowOverride none
</Directory>
# These have been added:
Alias /redmine /var/www/redmine/public
<Location /redmine>
PassengerBaseURI /redmine
PassengerAppRoot /var/www/redmine
</Location>
<Directory /var/www/redmine/public>
Allow from all
Options -MultiViews
# Uncomment this if you're on Apache >= 2.4:
#Require all granted
</Directory>
</VirtualHost>
and my phpmyadmin conf is:
Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin
<Directory /usr/share/phpMyAdmin/>
AddDefaultCharset UTF-8
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Require ip 127.0.0.1
Require ip ::1
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
Allow from all
</IfModule>
</Directory>
<Directory /usr/share/phpMyAdmin/setup/>
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Require ip 127.0.0.1
Require ip ::1
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
</IfModule>
</Directory>
# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/lib/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/frames/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc. This may break your mod_security implementation.
#
#<IfModule mod_security.c>
# <Directory /usr/share/phpMyAdmin/>
# SecRuleInheritance Off
# </Directory>
#</IfModule>
I want to load redmine on 127.0.0.1/redmine which it loads but it also loads on 127.0.0.0.1 and phpmyadmin on 127.0.0.1/phpmyadmin which throws an error and works only for 127.0.0.0.1/phpmyadmin/index.php
Any ideas what might be wrong?
Thank you
When you disable virtual host, there is a line in the Apache configuration such as:
DirectoryIndex index.php index.html
that takes effect. So add that line in the virtual host definition.

Can I specify a wildcard or regex as a Directory in htaccess?

We have many, many sites, all of which contain a "customer/uploadsfolder". We have to allow uploading, but want to block any GIF files, as well as turn off PHP in the folder as shown below. The question is, do we need one entry for every folder, or can wildcards/regex be used?
<VirtualHost *:80>
<Directory /customer/uploadsfolder>
deny from all
<Files ~ "^\w+\.(gif)$">
order deny,allow
allow from all
</Files>
<IfModule mod_php5.c>
php_flag engine off
</IfModule>
</Directory>
</VirtualHost>
Yes, use LocationMatch (or "Location ~").
<LocationMatch "\/customer\/uploadsfolder\/.*\.(php|gif)">
order allow,deny
deny from all
</LocationMatch>

Deny access to all files except index file - Apache2

I'm configuring an Apache2 server, but I'm having trouble figuring out how to deny access to all files/directories except the index file.
My website resides inside /var/www/
This is my current setup in the /etc/apache2/apache2.conf file:
<Directory />
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /var/www/>
Order Allow,Deny
Allow from all
</Directory>
How do I solve my problem? Thanks!
Try adding a <FilesMatch> for index.php. If it doesn't work in this position, move it above the directory's Deny from all. Change index.html to whatever your index file is.
<Directory />
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /var/www/>
# Deny first, then allow
Order deny,allow
# Deny everyone from everything
Deny from all
<FilesMatch index\.html>
# but allow index.html
Allow from all
</FilesMatch>
</Directory>
I think you're better off simply piping everything to the index file, not denying access to everything else.
This can be done through RewriteRule:
RewriteEngine On
# index goes to index (this is first to prevent infinite loop)
RewriteRule ^/index\.html$ - [L]
# everything else goes to index
RewriteRule .* /index.html [L]

.htaccess: Deny from all

This is working:
<Files *.fileext>
Order Allow,Deny
Deny from all
</Files>
This is not:
<Files *.fileext|somedirectory>
Order Allow,Deny
Deny from all
</Files>
Please help.
Files does not allow the use of regular expressions, but FilesMatch does, therefore it searches for a file with (something).fileext|somedirectory in the path, and this is not what you want to do. Your code will have to look like this:
<FilesMatch (\.fileext$|^somedirectory$)>
Order Allow,Deny
Deny from all
</FilesMatch>
see http://httpd.apache.org/docs/1.3/mod/core.html#files and http://httpd.apache.org/docs/1.3/mod/core.html#filesmatch
This can be slightly improved.
There is no need for an order directive and the end of string syntax can be used just once.
<FilesMatch (\.fileext|^somedirectory)$>
Deny from all
</FilesMatch>

Resources