I'm already using open_basedir to restrict a VirtualHost to a certain directory:
<VirtualHost *:80>
ServerName test.example.com
DocumentRoot /sites/test/www
php_admin_value "open_basedir" "/sites/test/www"
<Directory />
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
How to disable the use of ini_set or exec, but only for this particular VirtualHost (and not for the others)?
You're looking for the disable_functions entry in your php.ini.
So you want a different php.ini for your particular VirtualHost. That could be done via "PHPINIDir"
<virtualhost *:80>
ServerName www.example.com
DocumentRoot /path/to/example.com
PHPINIDir /whatever/path/to/php.ini
</virtualhost>
UPDATE: I removed the example with php_admin_value because, as others have noted in the comments, it wouldn't work with this particular setting. As was discussed here: php_admin_value disable_functions not working ( sorry ... should have looked it up beforehand).
Related
I have successfully installed suhosin in my server and I'm blocking the devil PHP eval function on some virtualhosts with this configuration:
<VirtualHost 123.123.123.123:80>
<Directory /var/www/html/www.example.com>
#SUHOSIN
php_admin_value suhosin.executor.disable_eval On
</Directory>
</VirtualHost>
However, I need to enable eval on some specific URL since it is used by the platform on some specific cases. I've tried the following:
<VirtualHost 123.123.123.123:80>
<Directory /var/www/html/www.example.com>
# SUHOSIN
php_admin_value suhosin.executor.disable_eval On
</Directory>
<Location "/some/path">
# Reenable eval for this path
php_admin_value suhosin.executor.disable_eval Off
</Location>
</VirtualHost>
And also with the tag LocationMatch, with no success (it's like if it was not there: no effect at all).
Any ideas how can I have this directive working just for a specific path?
Thanks
I am not using SUHOSIN, I solved with different php.ini files for each website.
Something like:
<VirtualHost 123.123.123.123:80>
[...]
PHPINIDir /path/to/specificinifile
[...]
</VirtualHost>
Hope this helps.
I'm using XAMPP on Windows 8.1.
I've this in apache config:
DocumentRoot "C:\Users\David\Dropbox\Programming\PHP"
<Directory "C:\Users\David\Dropbox\Programming\PHP">
VHosts:
<VirtualHost *:80>
ServerName http://spedice
DocumentRoot "C:\Users\David\Dropbox\Programming\PHP\Projects_Kuba\Spedice\SczCMS\www"
</VirtualHost>
<VirtualHost *:80>
ServerName http://domaciucetnictvi
DocumentRoot "C:\Users\David\Dropbox\Programming\PHP\Projects_Kuba\DomaciUcetnictvi\www"
</VirtualHost>
But if I try accessing root directory - C or accessing some folder like C:\Program Files etc. It normally works. How can I disable going outside of this folder: C:\Users\David\Dropbox\Programming\PHP?
Fxp:
script.php
<?php
mkdir('../../../../../../folder');
?>
Placed in: C:\Users\David\Dropbox\Programming\PHP\Projects_Kuba\DomaciUcetnictvi\www
Called like: http://domaciucetnictvi/script.php
Thanks!
Try to modify the open_basedir settings in your PHP config (just see Runtime Configuration for further information). This will prevent PHP from accessing directories outside of the definded basedir(s).
---EDIT---
To be a bit more conclusive. You can set open_basedir in your Apache configuration file, php.ini, or in a .htaccess file.
In php.ini, you can do this for example by adding:
open_basedir = "/path/to/first/folder:/path/to/second/folder"
In .htacces you can do it with:
php_flag open_basedir "/path/to/first/folder"
In your Apache config try:
<Directory /docroot1>
php_admin_value open_basedir /path/to/first/folder
</Directory>
<Directory /docroot2>
php_admin_value open_basedir /path/to/second/folder
</Directory>
I have a Virtual Host configured in Windows 7. The project is located in C:\project with the following structure:
project
\cache
\configs
\htdocs
\css
\images
\js
\.htaccess
\index.php
\includes
\setup.php
\en.php
\lib
\templates
\templates_c
In my httpd-vhosts.conf, I created a VirtualHost:
<VirtualHost *:80>
DocumentRoot "C:/project/htdocs"
ServerName project.dev
<Directory "C:/project/htdocs">
Options Indexes FollowSymLinks ExecCGI Includes
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
</VirtualHost>
And added 127.0.0.1 project.dev to the C:\Windows\System32\drivers\etc\hosts.
The problem is that I want the htdocs to be the directory from which httpd will serve files but I want to include, with PHP, files, for example, located in the includes directory.
How can I solve this problem? I already tried so many solutions from $_SERVER['DOCUMENT_ROOT'] to Apache Alias and .htaccess tweaking but none have worked so far. There must have be some easy solution. Maybe I'm not understanding quite correctly the concept of DocumentRoot. I just want to emulate the typical server folder public_html/www/htdocs while keeping important files out of the browser/user scope.
This is a VHost I took from my httpd-vhosts.conf. The only extra configuration I made was to get around the 403 I was hitting:
<VirtualHost *:80>
ServerName "Markdown.loc"
ServerAlias "www.Markdown.loc"
DocumentRoot "C:\INTERNAL\PHP\Markdown"
<Directory "C:\INTERNAL\PHP\Markdown">
Options +Indexes
AllowOverride All
</Directory>
</VirtualHost>
All my other VHosts look like this:
<VirtualHost *:80>
DocumentRoot "C:/xampp/htdocs/somesite.loc"
ServerName somesite.loc
ServerAlias www.somesite.loc
</VirtualHost>
If you're simply looking to include something from a dir on the same level as your htdocs though, include("../includes/somefile.php") should work just fine.
If I've got your problem wrong, let me know, and I'll try to help you more.
Set your include path within your virtualhost or .htaccess:
php_value include_path ".;c:/project"
I am trying to install PHP-Laravel in Windows 8 and I am using Xamp server(localhost). I am following Installing Laravel guide.
According to this guide I am making virtual host using following code :
<VirtualHost *:80>
DocumentRoot "C:/xampp/htdocs/TssApp/public"
ServerName TssApp
<Directory "C:/xampp/htdocs/TssApp/public">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
</Directory>
</VirtualHost>
//Where "C:/xampp/htdocs/TssApp/public" is path of Laravel public folder
and I have also added following line in in etc/hosts
127.0.0.2 TssApp
After doing necessary steps mentioned in this tutorial when I type "http://TssApp" , it always redirect to "http://tssapp/xampp/" instead of Laravel Home page. I don't know if I am missing any thing.
Note: I can access laravel home page at "http://localhost/tssapp/public/" but want
to use "http://TssApp" link to access my application.
Please help me regarding this issue.
Thanks .
Do you have NameVirtualHost * in your virtual-hosts configuration?
You'll need to restart Apache after any changes to either /etc/hosts or your virtual-hosts configuration files
Try adding the code to C:\xampp\apache\conf\extra\httpd-vhosts.conf instead of adding it to your own conf file. As far as I know xampp will ignore it unless its in the vhosts file.
You could try this.
<VirtualHost *>
DocumentRoot "C:\xampp\htdocs"
ServerName localhost
</VirtualHost>
<VirtualHost *>
DocumentRoot "C:\xampp\htdocs\TssApp\public"
ServerName tssapp
<Directory "C:\xampp\htdocs\TssApp\public">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Although you should put your files in the xampp directory and not the htdocs directory, so your files should be C:\xampp\TssApp\public, This would stop people from visiting htdocs which is a public folder and getting access to your application.
According to the documentation (that you point to), you should write
<VirtualHost 127.0.0.2>
and not
<VirtualHost *:80>
Could you try that and restart your computer/server?
Add in:
Allow from all
after
AllowOverride all
The end result should be:
<VirtualHost *:80>
DocumentRoot "C:/xampp/htdocs/TssApp/public"
ServerName TssApp
<Directory "C:/xampp/htdocs/TssApp/public">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Allow from all
</Directory>
</VirtualHost>
Also make sure you are editing the file "httpd-vhosts.conf" found in:
C:\xampp\apache\conf\extra
First time cake user and I'm having real apache problems. For some reason the .htaccess is trying to find
File does not exist: /Library/WebServer/Documents/Users
but there is no such directory as Users. I have tried setting up the following also:
/etc/apache2/extra/httpd-vhosts.conf
<VirtualHost *:80 >
DocumentRoot "/Users/username/Sites/mysite/app/webroot"
ServerName mysite.dev
ServerAlias www.mysite.dev mysite.dev *.mysite.dev
<Directory "/Users/username/Sites/mysite/app/webroot">
Options Indexes FollowSymLinks
AllowOverride All
</Directory>
</VirtualHost>
/etc/hosts
127.0.0.1 mysite.dev
/etc/apache2/users/username.conf
<Directory "/Users/username/Sites/">
Options Indexes MultiViews FollowSymlinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
That also hasn't worked, but with a different error Failed opening required 'cake/libs/cache/file.php'
Although I'd rather not use virtual hosts, and just run it off localhost
Seems like the solution that worked for me was to edit /etc/apache2/users/username.conf and add this at the top:
DocumentRoot "/Users/username/Sites"
And the default cakePHP download now runs ok.
Looks like Apache is trying to find your webroot in a different location--the default location, if memory serves. If you want to use virtual hosts (which would be my recommendation, for whatever it's worth), ensure that the NameVirtualHost directive is uncommented. By default, it's commented out:
NameVirtualHost *:80
If you'd prefer not to use virtual hosts for whatever reason, ensure that the NameVirtualHost is commented out (your <VirtualHost> blocks will be ignored) and change the DocumentRoot value to the proper directory:
DocumentRoot "/Users/username/Sites/mysite/app/webroot"
That should tell Apache to look in the right place.