Configuring Apache to allow disallow directory list - linux

I need to allow directory listing only for a particular directory: /var/www/test. I followed the steps given here http://wiki.apache.org/httpd/DirectoryListings but I am doing something wrong because of which I get Forbidden 403 message if I browse http://localhost/test. Following is what I have in my /etc/apache2/sites-available/test. Can you spot any error with this config?
<VirtualHost *:80>
DocumentRoot /var/www
<FilesMatch index.html>
deny from all
</FilesMatch>
<Directory /var/www/php/>
AllowOverride None
deny from all
</Directory>
<Directory /var/www/>
AllowOverride None
</Directory>
<Directory /var/www/test>
Options +Indexes
AllowOverride All
Order deny,allow
Allow from all
</Directory>
</VirtualHost>

The Order you're specifying for /var/www/test is deny,allow, so the Deny from all on /var/www is taking precedence over the Allow from all for /var/www/test. Switch that to allow,deny and you'll get the behavior you're expecting.
I'd also strongly recommend that you remove the <FilesMatch index.html>. It'll just cause you problems down the road. index.html has nothing to do with automatic directory indexing; it's only involved when you've explicitly created such a file, so this directive will just keep normal index.html files from ever working.

Related

The site does not see the frontend

I'm trying to launch a website using apache2 through a remote server in the PuttY program. The site gives a 503 error. There are no errors in the logs. All necessary components for operation are installed.
Maybe I made a mistake in the code (although I wrote the backend in the same way and it works fine)
ServerName test.site.com
DocumentRoot /var/www/test/frontend/web/
DirectoryIndex index.php index.html index.htm index.shtml
<Directory /var/www/test/frontend/web/>
Options Indexes FollowSymLinks MultiViews
Options all
# AllowOverride controls what directives may be placed in .htac>
AllowOverride All
# Controls who can get stuff from this server file
#Order allow,deny
Allow from all
Require all granted
</Directory>
<IfModule mpm_peruser_module>
ServerEnvironment apache apache
</IfModule>
ErrorLog /${APACHE_LOG_DIR}/test.lan-error.log
CustomLog /${APACHE_LOG_DIR}/test.lan-access.log combined
</VirtualHost>```
[1]: https://i.stack.imgur.com/6stZG.png

Apache2 cgi-bin location not updating

First of all thanks for the help. I'm trying to port a website to a new version of linux (Raspian Jessie), and am having a few issues, apache2 is version 2.4.10. Mainly with getting the cgi-bin folder to update correctly. I've updated the default file in /etc/apache2/sites-available/ to reflect the location that I would like the directory to be, yet apache is still trying to use the old cgi-bin location, thus giving me a 404 when I try to view the page in a web browser. My current config is as follows:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/html/>
Options Indexes FollowSymLinks MultiViews
AllowOverride ALL
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
<Directory "/var/www/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined</VirtualHost>
The error log indicates that apache is still looking in the /usr/lib/cgi-bin/ directory for the cgi files and I can't seem to get it to update to the new location. Any thoughts.
You are not using "Include" correctly to load your VirtualHost file, therefore apachectl -S output does not show anything after "VirtualHost configuration:" and it goes on to the next section. There it should list your virtualhost and say it is the default as it is only one.
Review your Include directives

linux apache: what is the difference of DocumentRoot"path" and <Directory "path">?

The httpd.conf has two similar parts below ,what is the difference of DocumentRoot"path" and ?
http://localhost/server-status report: You don't have permission to access /server-status on this server.
error_log report: client denied by server configuration:/host/HY/PHP/server-status
ServerName localhost
DocumentRoot "/host/HY/PHP"
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory "/host/HY/PHP">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
To access the server-status, you usually need to enable the status module, and add the correct IPs in the Allow from line.
Something like:
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1 ::1 X.X.X.X
</Location>
DocumentRoot is the folder Apache will scan when accessing / on your server. This is where you should put your documents, but you'll never see a server-status folder here, if this is the underlying question. The server-status URL is completely virtual.
<Directory ...> allows you to define certain settings on a folder level and not a global Apache level.
Hope that makes sense.

.htaccess not being read

Iam trying to redirect my home page or any other page on the site to a particular php page .
This is my htaccess
Redirect 301 http://test.com/info http://test.com/get_forms_data.php
Options +FollowSymlinks
RewriteEngine ON
RewriteRule ^test.php$ http://test.com/get_forms_data.php [R=301,L]
I have checked my apache server .rewrite is enabled .
It still doesnt work .
If no matter what you put into your .htaccess file, you don't even get an error, that means that you probably need to have
AllowOverride All
set in your site configuration.
If you're on ubuntu, the place to look for the configuration is /etc/apache2/sites-available/. There you should find a file called default if this is a stock install of the default LAMP stack (https://help.ubuntu.com/community/ApacheMySQLPHP).
The key part there is this:
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
Now change AllowOverride None to AllowOverride All. After that don't forget to restart your apache like so:
$ service apache2 restart
As an addition to Morgan's answer, putting AllowOverride All in your virtual host is sometimes not enough. I had this in my virtual host:
<VirtualHost *:80>
...
<Directory />
...
AllowOverride All
...
</Directory>
</VirtualHost>
You would expect this to work, wouldn't you, <Directory /> means it should be applied to everywhere on the file system. But .htaccess was still being ignored. Restarting the server did not help. I put junk in the .htaccess file to confirm it was not being read.
My mistake was assuming a virtual host overrides the global configuration. Kind of it does: my above configuration overrides any global settings for the / directory. But the global configuration overrides it back for /var/www/ and below. My fix is:
<VirtualHost *:80>
...
<Directory /var/www>
...
AllowOverride All
...
</Directory>
</VirtualHost>
(this assumes none of the other configuration needed to apply outside /var/www; if it does, make a separate <Directory /> block for just that special configuration.)
I was struggling with the same problem, and Darren Cook's answer gave me the definitive clue to find the solution.
My app was in some folder out of th public www path, lt's say in /opt/my_app.
I couldn't create a VirtualHost, so I created a symlink in Apache's public www ponting to my folder:
/var/www/html/my_app -> /opt/my_app
The thing is, in my App's Apache config file, I was specifying:
<Directory /opt/my_app>
AllowOverride All
</Directory>
And my .htaccess file wasn't being read. Then I saw that in Apache's configuration there was this:
<Directory /var/www/html>
AllowOverride None
</Directory>
Then I realised that Apache config files do not care about symlinks, and therefore the general rule was being applied to my App's foler. I changed Directory to:
<Directory /var/www/html/my_app>
AllowOverride All
</Directory>
And everything worked.
If Redirection doesn't work inspite of updating apache2.conf
According to the accepted answer, I updated AllowOverride None to AllowOverride All in the apache2.conf file, however redirection via .htaccess file was still not working for me!
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All # did not work inspite of setting to "All"
Order allow,deny
allow from all
</Directory>
What worked for me...
I had to also enable module redirection
// enable module redirection
sudo a2enmod rewrite
Of course, do not to forget to restart your apache server for the changes to take effect
Reference
Assuming /var/www/html is the working directory:
Change from AllowOverride None to AllowOverride All
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>

ubuntu returns 500 error when .htaccess enabled

I'm currently moving a dev magento build to my live test subdomain on ubuntu and using Easy Hosting Control Panel (EHCP).
If I rename my .htaccess file to .htaccess and refresh my subdomain url, I get an internal server error 500. If I rename the .htaccess file to .htaccess.bak, and refresh, the subdomain displays my magento store fine. BUT, if I try to navigate, since the index.php isn't removed in the .htaccess file, all my links are dead unless I insert index.php between my root url and the actual page/directory I'm navigating to.
I tried over riding the /etc/apache2/sites-available/000-default and /etc/apache2/sites-available/default files to AllowOverride All:
<VirtualHost *>
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/vhosts/>
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
Order Allow,Deny
Allow from All
</Directory>
<FilesMatch "access_log|error_log">
Deny from All
</FilesMatch>
ErrorLog /var/log/apache2/error.log
LogLevel debug
CustomLog /var/log/apache2/access.log combineddefault
but changing that in either file, or both, and then reenabling the .htaccess file still gives me the 500 error.
anything I'm doing wrong here? Somewhere else I should be placing the mod rewrite information?
thanks!
I know this is kind of dead but for those with this issue check your /etc/apache2/mods-enabled to see if rewrite.load is there if not try to copy it from the /etc/apache2/mods-available folder that fixed the issue for me. You will also have to have the .htaccess override enabled for that
is it rules available?
maybe apache is disabled rewrite mod,you can try to enable.
type 'a2enmod rewrite' to turn on.

Resources