Disabled PHP for Single Directory with HTACCESS (PHP-FPM) - .htaccess

I want to disable the parsing of PHP files in a specific directory, and found out how to do that here. The problem is that my server uses PHP-FPM, and I get Invalid command 'php_flag', perhaps misspelled or defined by a module not included in the server configuration when I try to use php_flag in my httpd.conf file.
How can I disable parsing of PHP files in a given web-accessible directory with an htaccess/httpd.conf file that is located above web root on a server using PHP-FPM?

Since Fedora 27 switched to php-fpm recently, I, too, ran into this problem. Unfortunately, the old ways of doing things with mod_php do not apply to php-fpm.
I did find another question here that definitely seemed more relevant:
Apache: Disable php in a directory
The gist of it was was to use a <directory> and <filesmatch> block in your config file, and use SetHandler ! for every directory you didn't want PHP code interpreted.
e.g.:
<Directory "/path/to/no/phpfiles">
<Files "*.*">
SetHandler !
</Files>
</Directory>
This is tested and working on Fedora 27, PHP-FPM 7.1.12.
Unlike using the fpm configs directly, this technique works recursively, so placing it at the top level of a tree of stuff you don't want PHP interpreting works as expected.
I disable .htaccess files in my configurations, but this technique should still work. However, <directory> is not valid inside a .htaccess file. Hopefully just removing it, and leaving:
<Files "*.*">
SetHandler !
</Files>
Should be sufficient.

How can I disable parsing of PHP files in a given web-accessible
directory with an htaccess/httpd.conf file that is located above web
root on a server using PHP-FPM?
You can't persay the way you're trying it without mod_php (which you don't want) which is why you're getting that error. PHP-FPM is not an Apache module. It runs independent of Apache. That's actually it's purpose to be used on heavily loaded sites and it can control all the PHP processes.
One way you might be able to achieve this is to specify the exact path you want to run PHP, in your virtualhost file with the Directory directive. Instead of just having the PHP handler stuff, enclose it with the Directory directive with the actual path you want it to run. Here is an example.
<VirtualHost *:80>
ServerAdmin webmaster#example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/public_html/
ErrorLog /var/www/example.com/error.log
CustomLog /var/www/example.com/access.log combined
<Directory /path/to/php/only/folder/>
#then you PHP handler stuff
<IfModule mod_fastcgi.c>
AddType application/x-httpd-fastphp5 .php
Action application/x-httpd-fastphp5 /php5-fcgi
Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi_example.com
FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi_example.com -socket /var/run/php5-fpm_example.com.sock -pass-header Authorization
</IfModule>
</Directory>
</VirtualHost>
Then restart Apache. This should limit it to that directory. You might have to remove the php handler info from the other config so it's not overwritten.
Note I have not tested this solution.

Related

mod_rewrite is enabled, .htaccess file is ok, but requests are not going through index.php

I've just installed ubuntu-server_6.04.2_LTS, after the fresh installation I've enabled mod_rewrite, it's showing in phpinfo()
my .htaccess file is OK
but, still requests are not going through index.php
You should check if for that specific directory (root folder of your project), apache is configured to allow overriding through .htaccess.
If you want to allow such override, the directives found in apache.conf or the specific settings for your virtual host should look like this:
<Directory /var/www/>
AllowOverride All
Require all granted
</Directory>

.htaccess not working on xampp Ubuntu 14.04

I have difficulties making my .htacces work on my Ubuntu 14.04 LTS. I know it is a hidden file and all; I've searched everywhere and people seem to have the same problem. I've made a virtual host on my machine and all. Can someone please help me ?
ErrorDocument 404 /pages/error.php?code=404
ErrorDocument 403 /pages/error.php?code=403
You need to make sure the following things are true:
You need to check what DocumentRoot is set to. When an url beginning with a slash is detected, it will try to load that file relative to the document root. (docs) The file <documentroot>/pages/error.php must thus exist.
You need to make sure that .htaccess files are allowed by the main Apache configuration. The easiest way to test this is by entering garbage into your .htaccess file, saving it and reloading a page. You'll get an internal server error if Apache reads the .htaccess file. Otherwise the page loads as expected. To enable .htaccess files, the AllowOverride directive must allow something (see next bullet point). Additionally, check in httpd.conf if AccessFileName is set to something different than .htaccess. Change it as necessary, then RESTART APACHE. (docs)
For ErrorDocument, AllowOverride must be at least set to FileInfo. See the docs. Go to your main config file (httpd.conf), probably apache/Apachex.y.z/conf/httpd.conf. Search for the <Directory ...> block that corresponds to your http root, and look around if it contains an AllowOverride directive. Add FileInfo as one of the arguments, save the file and RESTART APACHE.

new Symfony project on apache server needs mod_rewrite code?

I have just created a new (test) symfony project and set my apache webroot to /home/user/project/ (not sure if it should be /home/user/project/web/?)
However, from what I understand based on the lightbulb section here: http://symfony.com/doc/current/book/page_creation.html#the-web-directory - there isn't any internal rerouting occurring. Therefore, this does not work:
http://localhost/random/10
but these do work:
http://localhost/app_dev.php/random/10
http://localhost/app.php/random/10
To double check, if I start the internal PHP server (php app/console server:start) then everything gets rerouted correctly - this does work:
http://localhost:8000/random/10
Am I right in thinking that I need to make changes to .htaccess? If so, is there a 'standard' section of code for using apache with symfony?
EDIT:
I have updated my apache2.conf (which for others would be httpd.conf if not on ubuntu as I understand it) as below:
<Directory /home/user/Project/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
If I remember correctly, .htaccess alredy defines DirectoryIndex as app.php. However, your Apache config file httpd.conf might be blocking the override.
Make sure that you have that line in your .htaccess and also check the value of AllowOverride (docs) within your httpd.conf. Try setting AllowOverride to All and see if that works.

Multiple VirtualHosts for Rails sites

I would like to run a rails app under a subdirectory on my Linux VPS, and having trawled the passenger documentation I am unsure as to how to set up the proper virtualhost config and symlinks for my machine.
I have a domain called www.domain.eu and a rails app located at /apps/webapp, and i would like the site to be hosted at www.domain.eu/webapp
Im am unsure of a few areas:
1.) Where should i enter the webapp VirtualHost config details? should it be in the apache2.conf file or should create a file in sites-available called webapp and put the config in there? There seems to be many conflicting examples.
2.) Learning from the previous question, how could I amend this apache2.conf file to serve up the rails app under the directory www.domain.eu/webapp (again read through lots of docs, but there seems to be many ways of doing this)
<VirtualHost *:80>
ServerName domain.eu
# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /apps/webapp/public
<Directory /apps/webapp/public>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
RailsBaseURI /webapp
<Directory /apps/webapp/public>
Options -MultiViews
</Directory>
</VirtualHost>
3.) I realise that a symlink needs to be created to point the directory root to the url. Having tried ln -s /apps/webapp/public ./test it comes back with a missing symlink error. What would be recommended here?
4.) Lastly, rails 3 config.action_controller.relative_url_root = "/webapp" appears to be deprecated, is there a new recommended convention to use?
my setup: Linux VPS server running Ubuntu 10.04, mysql 5, apache2, phusion passenger (latest), ruby 1.9.3 and rails 3.2.3.
If anyone needs more code just shout, thanks in advance!
So after much reading I managed to get this working.
For my purpose I added in the VirtualHost info for a sub URI site into the bottom my apache2.conf file, it may be httpd.conf for you, but you can enter these into /etc/apache2/sites-available if you wish to keep it all seperate.
At the top of this file I specify where the default "homepage" for the server is. I am running apache2 so my homepage is located at /var/www. Below this we set our rails Sub URI options, so firstly specify what URL you would like as your sub URI, then point the directory tag to the public folder of your rails app. MultiViews must be off hence the (-) so our apache2.conf file is complete.
<VirtualHost *:80>
ServerName domain.com
DocumentRoot /var/www
<Directory /var/www>
Allow from all
</Directory>
RailsBaseURI /webapp
<Directory /apps/webapp/public>
Options -MultiViews
</Directory>
</VirtualHost>
Now all we have to do is create a symlink in our sites-enabled folder to point the /var/www/webapp to our /apps/webapp/public folder, which looks like this.
ln -s /apps/webapp/public /var/www/webapp
Now was we are creating a symlink, we don't have to insert any extra code into our rails routes or environment file. You can specify which environment you would like to use using RackENV production (aparently al rails 3 + apps are rack ? please comment if this is not the case)

Protect ajax files from direct call using htaccess

To prevent my Ajax files from direct acccess I did this:
I put all files in a common directory called "ajax" and put this in an .htaccess file in the same folder. This is my directory structure:
/var/www/html/ajax
<Directory "/var/www/html/ajax">
order allow,deny
Deny from all
Allow from 127.0.0.1
</Directory>
But this produces server error 500. .htaccess use is enabled in my server along with mod-rewrite. Please help.
The Directory directive is not allowed in your .htaccess file. see http://httpd.apache.org/docs/2.0/mod/core.html#directory. However, you can achieve the same result by simply placing the code you have in the .haccess in the /var/www/html/ajax directory, without the Directory directive
order allow,deny
Deny from all
Allow from 127.0.0.1
<Directory> is a directive that's not supported in .htaccess files, it's core and vhost specific.
For an .htaccess file, the directive is superfluous and must be omitted, because the directory is implied by the location of the .htaccess file.
Simply remove <Directory> and its closing "tag" and it should work.

Resources