I have installed phppgadmin in a Ubuntu server and want to access it from another computer.
It said access denied when i typed:
http://<ip>/phppgadmin
The port 5432 is opened in the Ubuntu server but just for local ip.
Thanks
The /etc/apache2/conf.d/phppgadmin.conf configuration file by default keeps anyone but localhost from accessing PhpPgAdmin.
Add a line that makes a new allow rule for your IP, so it looks something like this:
<Location /phppgadmin>
Order deny,allow
Deny from all
Allow from [Your client IP]
</Location>
By the way, this kind of question is probably more appropriate for stackoverflow's sister site serverfault.com
I know this is an old question but since i stumbled on it trying to fix the "Failed to load resource: the server responded with a status of 403 (Forbidden)" error while trying to access phpPgAdmin from another computer and the given answers didn't work for me, I wanted to share my solution.
Ubuntu: 17.04; phpPgAdmin: 5.1
Solution:
Comment out Require local in /etc/apache2/conf-enabled/phppgadmin.conf and restart apache (sudo service apache2 reload)
<Directory /usr/share/phppgadmin>
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>
AllowOverride None
# Only allow connections from localhost:
# Require local
<IfModule mod_php.c>
php_flag magic_quotes_gpc Off
php_flag track_vars On
#php_value include_path .
</IfModule>
<IfModule !mod_php.c>
<IfModule mod_actions.c>
<IfModule mod_cgi.c>
AddType application/x-httpd-php .php
Action application/x-httpd-php /cgi-bin/php
</IfModule>
<IfModule mod_cgid.c>
AddType application/x-httpd-php .php
Action application/x-httpd-php /cgi-bin/php
</IfModule>
</IfModule>
</IfModule>
</Directory>
/etc/apache2/conf-enabled/phppgadmin.conf
This is an apache (or web server) issue. You're phppgadmin directory has a .htaccess file disallowing EVERYONE except localhost.
You need to either set it to Allow ALL or Allow (insert IP here)
Are you running Apache?
You need to change your permissions in the httpd.conf file or .htaccess
http://httpd.apache.org/docs/2.0/misc/security_tips.html
I want to share my solution as well.
Debian 10.1 with Apache 2.4.38 and phpPgAdmin 5.1 on 64-Bit ARM.
The following config will allow local and LAN access, but (for security reasons) NO WAN access.
/etc/apache2/conf-enabled/phppgadmin.conf
<Directory /usr/share/phppgadmin>
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>
AllowOverride None
# Only allow connections from localhost:
#Require local
Order deny,allow
Deny from all
Allow from ::1
Allow from 127.0.0.1
Allow from 192.168.0.0/16
Allow from 172.16.0.0/12
Allow from 10.0.0.0/8
<IfModule mod_php.c>
php_flag magic_quotes_gpc Off
php_flag track_vars On
#php_value include_path .
</IfModule>
<IfModule !mod_php.c>
<IfModule mod_actions.c>
<IfModule mod_cgi.c>
AddType application/x-httpd-php .php
Action application/x-httpd-php /cgi-bin/php
</IfModule>
<IfModule mod_cgid.c>
AddType application/x-httpd-php .php
Action application/x-httpd-php /cgi-bin/php
</IfModule>
</IfModule>
</IfModule>
</Directory>
Related
here is a script for apache to disable folder access via browser:
## no access to this folder
# Apache 2.4
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
# Apache 2.2
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
Options -Indexes
But it does not work: https://doboda.com/wp-content/uploads/movies/
How can i block it?
This is not FTP. This is the directory listing option. You can disable it by adding this line to .htaccess:
Options -Indexes
I have a website which logs the users activity on a text file. But then when I enter www.mywebsite.com/textfile.txt I can clearly see the contents of that txt file. How do I hide this?
Use this rewrite in top of .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^textfile\.txt$ - [F,L]
</IfModule>
Or use directive Files:
<Files "textfile.txt">
Order Allow,Deny
Deny from all
</Files>
And for Apache 2.4+, use this:
<Files "textfile.txt">
Require all denied
</Files>
I want to add a rule in htaccess file like:
request url -
https://indianartzone.com/iaz-marketplace/account/login/
destination url -
https://indianartzone.com/csmarketplace/account/login/#
browser address bar show show the request url only that is the redirect will be internal.
I tried like this, but it's not working.
RewriteRule ^/iaz-marketplace/account/login$ /csmarketplace/account/login/
I am getting a 404 not found error.
update:
htaccess file contents:
############################################
## overrides deployment configuration mode value
## use command bin/magento deploy:mode:set to switch modes
# SetEnv MAGE_MODE developer
############################################
## uncomment these lines for CGI mode
## make sure to specify the correct cgi php binary file name
## it might be /cgi-bin/php-cgi
# Action php5-cgi /cgi-bin/php5-cgi
# AddHandler php5-cgi .php
############################################
## GoDaddy specific options
# Options -MultiViews
## you might also need to add this line to php.ini
## cgi.fix_pathinfo = 1
## if it still doesn't work, rename php.ini to php5.ini
############################################
## this line is specific for 1and1 hosting
#AddType x-mapp-php5 .php
#AddHandler x-mapp-php5 .php
############################################
## default index file
DirectoryIndex index.php
<IfModule mod_php5.c>
############################################
## adjust memory limit
php_value memory_limit 768M
php_value max_execution_time 18000
############################################
## disable automatic session start
## before autoload was initialized
php_flag session.auto_start off
############################################
## enable resulting html compression
#php_flag zlib.output_compression on
###########################################
## disable user agent verification to not break multiple image upload
php_flag suhosin.session.cryptua off
</IfModule>
<IfModule mod_php7.c>
############################################
## adjust memory limit
php_value memory_limit 768M
php_value max_execution_time 18000
############################################
## disable automatic session start
## before autoload was initialized
php_flag session.auto_start off
############################################
## enable resulting html compression
#php_flag zlib.output_compression on
###########################################
## disable user agent verification to not break multiple image upload
php_flag suhosin.session.cryptua off
</IfModule>
<IfModule mod_security.c>
###########################################
## disable POST processing to not break multiple image upload
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
<IfModule mod_deflate.c>
############################################
## enable apache served files compression
## http://developer.yahoo.com/performance/rules.html#gzip
# Insert filter on all content
###SetOutputFilter DEFLATE
# Insert filter on selected content types only
#AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript application/json image/svg+xml
# Netscape 4.x has some problems...
#BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
#BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
#BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# Don't compress images
#SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
#Header append Vary User-Agent env=!dont-vary
</IfModule>
<IfModule mod_ssl.c>
############################################
## make HTTPS env vars available for CGI mode
SSLOptions StdEnvVars
</IfModule>
############################################
## workaround for Apache 2.4.6 CentOS build when working via ProxyPassMatch with HHVM (or any other)
## Please, set it on virtual host configuration level
## SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
############################################
<IfModule mod_rewrite.c>
############################################
## enable rewrites
Options +FollowSymLinks
RewriteEngine on
## RewriteRule ^/log1/ /csmarketplace/account/login/$
RewriteRule ^/?iaz-marketplace/(account/login)/?$ /csmarketplace/$1/ [L,NC]
############################################
## you can put here your magento root folder
## path relative to web root
#RewriteBase /magento/
############################################
## workaround for HTTP authorization
## in CGI environment
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
############################################
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks
RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
RewriteRule .* - [L,R=405]
############################################
## redirect for mobile user agents
#RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
#RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
#RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]
############################################
## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
############################################
## rewrite everything else to index.php
##RewriteRule ^/iaz-marketplace/account/login$ /csmarketplace/account/login
RewriteRule .* index.php [L]
</IfModule>
############################################
## Prevent character encoding issues from server overrides
## If you still have problems, use the second line instead
AddDefaultCharset Off
#AddDefaultCharset UTF-8
AddType 'text/html; charset=UTF-8' html
<IfModule mod_expires.c>
############################################
## Add default Expires header
## http://developer.yahoo.com/performance/rules.html#expires
ExpiresDefault "access plus 1 year"
ExpiresByType text/html A0
ExpiresByType text/plain A0
</IfModule>
###########################################
## Deny access to root files to hide sensitive application information
RedirectMatch 403 /\.git
<Files composer.json>
order allow,deny
deny from all
</Files>
<Files composer.lock>
order allow,deny
deny from all
</Files>
<Files .gitignore>
order allow,deny
deny from all
</Files>
<Files .htaccess>
order allow,deny
deny from all
</Files>
<Files .htaccess.sample>
order allow,deny
deny from all
</Files>
<Files .php_cs.dist>
order allow,deny
deny from all
</Files>
<Files .travis.yml>
order allow,deny
deny from all
</Files>
<Files CHANGELOG.md>
order allow,deny
deny from all
</Files>
<Files CONTRIBUTING.md>
order allow,deny
deny from all
</Files>
<Files COPYING.txt>
order allow,deny
deny from all
</Files>
<Files Gruntfile.js>
order allow,deny
deny from all
</Files>
<Files LICENSE.txt>
order allow,deny
deny from all
</Files>
<Files LICENSE_AFL.txt>
order allow,deny
deny from all
</Files>
<Files nginx.conf.sample>
order allow,deny
deny from all
</Files>
<Files package.json>
order allow,deny
deny from all
</Files>
<Files php.ini.sample>
order allow,deny
deny from all
</Files>
<Files README.md>
order allow,deny
deny from all
</Files>
<Files magento_umask>
order allow,deny
deny from all
</Files>
# For 404s and 403s that aren't handled by the application, show plain 404 response
ErrorDocument 404 /pub/errors/404.php
ErrorDocument 403 /pub/errors/404.php
################################
## If running in cluster environment, uncomment this
## http://developer.yahoo.com/performance/rules.html#etags
#FileETag none
# ######################################################################
# # INTERNET EXPLORER #
# ######################################################################
# ----------------------------------------------------------------------
# | Document modes |
# ----------------------------------------------------------------------
# Force Internet Explorer 8/9/10 to render pages in the highest mode
# available in the various cases when it may not.
#
# https://hsivonen.fi/doctype/#ie8
#
# (!) Starting with Internet Explorer 11, document modes are deprecated.
# If your business still relies on older web apps and services that were
# designed for older versions of Internet Explorer, you might want to
# consider enabling `Enterprise Mode` throughout your company.
#
# https://msdn.microsoft.com/en-us/library/ie/bg182625.aspx#docmode
# http://blogs.msdn.com/b/ie/archive/2014/04/02/stay-up-to-date-with-enterprise-mode-for-internet-explorer-11.aspx
<IfModule mod_headers.c>
Header set X-UA-Compatible "IE=edge"
# `mod_headers` cannot match based on the content-type, however,
# the `X-UA-Compatible` response header should be send only for
# HTML documents and not for the other resources.
<FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
Header unset X-UA-Compatible
</FilesMatch>
</IfModule>
# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php70� package as the default “PHP� programming language.
<IfModule mime_module>
AddType application/x-httpd-ea-php70 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php7_module>
php_flag display_errors On
php_value max_execution_time 300
php_value max_input_time 60
php_value max_input_vars 1000
php_value memory_limit 3G
php_value post_max_size 512M
php_value session.gc_maxlifetime 1440
php_value session.save_path "/var/cpanel/php/sessions/ea-php70"
php_value upload_max_filesize 50M
php_flag zlib.output_compression On
</IfModule>
# END cPanel-generated php ini directives, do not edit
You may try this rukle:
RewriteRule ^/?iaz-marketplace/(account/login)/?$ /csmarketplace/$1/ [L,NC]
i'm trying to enable clean URL on my server (Debian squezze) for my Drupal Website .
I tried all of the things i found on the net . So please help me .
The rewrite module is enabled.
On my server , the Drupal's folders got this way : " /var/www/myshop/client/101b". with a symbolic link named "current" . So to access from the brower on my website i have to write an URL like that : "http://myshop.myserv.com"
Here is my .htaccess at the root of my folder "101b":
#
# Apache/PHP/Drupal settings:
#
# Protect files and directories from prying eyes.
<FilesMatch "\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$">
Order allow,deny
</FilesMatch>
# Don't show directory listings for URLs which map to a directory.
Options -Indexes
# Follow symbolic links in this directory.
Options +FollowSymLinks
# Make Drupal handle any 404 errors.
ErrorDocument 404 /index.php
# Set the default handler.
DirectoryIndex index.php index.html index.htm
# Override PHP settings that cannot be changed at runtime. See
# sites/default/default.settings.php and drupal_environment_initialize() in
# includes/bootstrap.inc for settings that can be changed at runtime.
# PHP 5, Apache 1 and 2.
<IfModule mod_php5.c>
php_flag magic_quotes_gpc off
php_flag magic_quotes_sybase off
php_flag register_globals off
php_flag session.auto_start off
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_flag mbstring.encoding_translation off
</IfModule>
# Requires mod_expires to be enabled.
<IfModule mod_expires.c>
# Enable expirations.
ExpiresActive On
# Cache all files for 2 weeks after access (A).
ExpiresDefault A1209600
<FilesMatch \.php$>
# Do not allow PHP scripts to be cached unless they explicitly send cache
# headers themselves. Otherwise all scripts would have to overwrite the
# headers set by mod_expires if they want another caching behavior. This may
# fail if an error occurs early in the bootstrap process, and it may cause
# problems if a non-Drupal PHP file is installed in a subdirectory.
ExpiresActive Off
</FilesMatch>
</IfModule>
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
Options All
# Block access to "hidden" directories whose names begin with a period. This
# includes directories used by version control systems such as Subversion or
# Git to store control files. Files whose names begin with a period, as well
# as the control files used by CVS, are protected by the FilesMatch directive
# above.
#
# NOTE: This only works when mod_rewrite is loaded. Without mod_rewrite, it is
# not possible to block access to entire directories from .htaccess, because
# <DirectoryMatch> is not allowed here.
#
# If you do not have mod_rewrite installed, you should remove these
# directories from your webroot or otherwise protect them from being
# downloaded.
RewriteRule "(^|/)\." - [F]
# If your site can be accessed both with and without the 'www.' prefix, you
# can use one of the following settings to redirect users to your preferred
# URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:
#
# To redirect all users to access the site WITH the 'www.' prefix,
# (http://example.com/... will be redirected to http://www.example.com/...)
# uncomment the following:
# RewriteCond %{HTTP_HOST} !^www\. [NC]
# RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#
# To redirect all users to access the site WITHOUT the 'www.' prefix,
# (http://www.example.com/... will be redirected to http://example.com/...)
# uncomment the following:
# RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
# RewriteRule ^ http://%1%{REQUEST_URI} [L,R=301]
# Modify the RewriteBase if you are using Drupal in a subdirectory or in a
# VirtualDocumentRoot and the rewrite rules are not working properly.
# For example if your site is at http://example.com/drupal uncomment and
# modify the following line:
RewriteBase /myshop/client/101b
#
# If your site is running in a VirtualDocumentRoot at http://example.com/,
# uncomment the following line:
# RewriteBase /
# Pass all requests not referring directly to files in the filesystem to
# index.php. Clean URLs are handled in drupal_environment_initialize().
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header set Content-Encoding gzip
# Force proxies to cache gzipped & non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
</IfModule>
and here this my 000-default file in "etc/apache2/site-enabled/ : "
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/myshop/client/current
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/myshop/client/current/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
</Directory>
Alias /admin/ /var/www/myshop/backoffice/current/
<Directory /var/www/myshop/backoffice/current/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
But when i want to enable clean URL the test always fail.
Anyone have an idea ?
Thanks for help .
You should use 'RewriteBase /' instead of 'RewriteBase /myshop/client/101b' because virtual host is pointing to folder which contains Drupal site.
Please also check version of Apache you're using. Newest versions of Apache web-server require some changes in host's definition. You should use 'Require all granted' instead of 'Allow from All'. See example which works for me:
<VirtualHost *:80>
ServerName drupal7
ServerAlias drupal7 www.drupal7
DocumentRoot /home/vlad/www/public_html/drupal7
<Directory /home/vlad/www/public_html/drupal7/>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Please take a look at answers here: Unable to enable Clean URLs in drupal 7 website after migration
I want to make short url's in my web for ex:
change this url:
www.site.com/somepage.php
www.site.com/text.php?id=123
to this:
www.site.com/somepage
www.site.com/text/123
I tried alot of example from answers here and nothing work, I dont konw what I'm doing worng.
my default htaccess file is:
<IfModule mod_suphp.c>
suPHP_ConfigPath /home/user/php.ini
<Files php.ini>
order allow,deny
deny from all
</Files>
</IfModule>
# Use PHP5 as default
AddHandler application/x-httpd-php5 .php
What I need to do for making it work?
You have to define a rule and active the URL Rewriting :
#URL Rewriting
RewriteEngine on
RewriteRule ^somepage$ /somepage.php [L]
#Your code
<IfModule mod_suphp.c>
suPHP_ConfigPath /home/user/php.ini
<Files php.ini>
order allow,deny
deny from all
</Files>
</IfModule>
# Use PHP5 as default
AddHandler application/x-httpd-php5 .php