I have WD MyBookLive 2TB, and did the following:
saved my own .htaccess to /var/www/mysebserver that points to my own .htpasswd located at /etc/apache2/.
Gave 777 permission to .htaccess
All my webpages located on the same folder with .htaccess.
The .htaccess file is:
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
The issue is that the basic authentication is not enabled, I still can access the HTML files without any authentication.
Moreover it seems .htaccess files are ignored even if I set in apache2.conf the followings:
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
404 Internal Server Error is thrown when AllowOverride All
Apache version: 2.2.9
It seems WD MyBookLive is ignoring the .htaccess and .htpasswd files
How do I activate Basic Authentication?
So I just try your config in my .htaccess file and get base login form after that.
I found the article "How To Set Up Password Authentication with Apache on Ubuntu 14.04" (https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-apache-on-ubuntu-14-04)
I think it can happens becouse you don't installed apache2-utils.
Please, try next commands:
sudo apt-get install apache2-utils
sudo service apache2 restart
Resolution 1 :
Step 1: Installing the Apache utility Package
We will use a utility called htpasswd, part of the apache2-utils package, to create the file and manage the username and passwords needed to access restricted content.
sudo apt-get update
sudo apt-get install apache2-utils
Step 2: Creating the Password File
Now have access to the htpasswd command. We can use this to create a password file that Apache can use to authenticate users.
sudo htpasswd -c /etc/apache2/.htpasswd user
Suggestion : Leave out the -c argument for any additional users you wish to add:
sudo htpasswd /etc/apache2/.htpasswd another_user
NOTE : If we view the contents of the file, we can see the username and the encrypted password for each record:
cat /etc/apache2/.htpasswd
Step 3 Configuring Apache Password Authentication
Now that we have a file with users and passwords in a format that Apache can read, we need to configure Apache to check this file before serving our protected content. We can do this in one of two ways: either directly in a site’s virtual host file or by placing .htaccess files in the directories that need restriction.
Option 1: Configuring Access Control within the Virtual Host
The first option is to edit the Apache configuration and add the password protection to the virtual host file. This option requires access to the configuration, which isn’t always available, but when you do have access.
Begin by opening up the virtual host file that you wish to add a restriction to.
sudo nano /etc/apache2/sites-enabled/example.conf
Authentication is done on a per-directory basis. To set up authentication, you will need to target the directory you wish to restrict with a block. In our example, we'll restrict the entire document root
Within this directory block, specify that we wish to set up Basic authentication.
- For the AuthName, > choose a realm name that will be displayed to the user when prompting for credentials.
- Use the AuthUserFile directive > to point Apache to the password file we created.
- we will require a valid-user > to access this resource, which means anyone who can verify their identity with a password will be allowed in
Now you need to save and close the file when you are finished.
NOTE: Before restarting the web server, you can check the configuration with the following command:
sudo apache2ctl configtest
If everything checks out and you get Syntax OK, then restart the server to implement your password policy.
Option 2: Configuring Access Control with .htaccess Files
To enable password protection using .htaccess files, open the main Apache configuration file:
sudo nano /etc/apache2/apache2.conf
Find the block for the /var/www directory that holds the document root. Turn on .htaccess processing by changing the AllowOverride directive within that block from "None" to "All":
Save and close the file when you are finished.
Next, we need to add a .htaccess file to the directory we wish to restrict. Also, we'll restrict the entire document root (the entire website) which is based at /var/www/HTML, but you can place this file in any directory where you wish to restrict access
sudo nano /var/www/html/.htaccess
Within this file, specify that we wish to set up Basic authentication.
For the Auth Name > choose a realm name that will be displayed to the user when prompting for credentials.
Use the AuthUserFile directive > to point Apache to the password file we created.
we will require a valid-user > to access this resource, which means anyone who can verify their identity with a password will be allowed in
Step 4 — Confirming Password Authentication
To confirm that your content is protected, try to access your restricted content in a web browser. You should be presented with a username and password prompt that looks like this:
Save and close the file. Restart the web server to password protect all content in or below the directory with the .htaccess file
After some weeks of trying I succeeded with Digest Authentication with is better than Basic Authentication.
I Installed WebDav server on My Mook Live and after that I put PHP files inside webdav shared folder.
I configured PHP files t have only read Permission.
Here it is a tutorial of how to configure WebDav server on MyBookLive
If you plan to use .htaccess file for basic authentication. you will need an AllowOverride directive like the following:
AllowOverride AuthConfig
activate mod_rewrite: sudo a2enmod rewrite
edit /etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
<Directory /var/www/mywebserver>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
. . .
</VirtualHost>
restart service: sudo systemctl restart apache2
create .htaccess file in /var/www/mywebserver/ and add following line in the top , and other lines bottom
RewriteEngine on
Related
I tried to install phpMyadmin in MacOs. But When I go to localhost/phpmyadmin it says Forbidden You don't have permission to access this resource. My phpMyAdmin folder is in
/usr/local folder in Finder. I configured the phpmyadmin.conf file with sudo nano /etc/apache2/other/phpmyadmin.conf with the following codes:
<Directory /usr/local/phpmyadmin>
Options Indexes
Order allow,deny
Allow from all
allow from 127.0.0.1
allow from 192.168.1.0/15
</Directory>
What should I do to get rid of this error?
Find file httpd-xammp.conf, change 'Require local' to 'Require all granted', save file and restart apache
You need to check 2 things:
that your phpmyadmin folder (/usr/local/share/phpmyadmin by default, but judging by your question I assume it's /usr/local/phpmyadmin; be sure to check on that too) is readable by your user and that directories that needs to be writeable by you are.
that you have correct order for Allow and Deny settings for that directory (you either deny from all and then allow from certain locations, or allow from all locations and then disallow from some).
I suggest changing the config file to look like this:
<Directory /usr/local/phpMyAdmin/>
Options Indexes
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from 192.168.1.0/15
</Directory>
Make sure that the path in <Directory /usr/local/phpMyAdmin/> is pointing to your phpmyadmin location.
Also I'm not sure there should be Options Indexes line in the config, try removing it temporarily.
Upd: You need to restart apache after making changes to config files (usually it's sudo service apache2 restart)
I have installed Apache version 2.4.29-1 in Manjaro Linux. The document root is /srv/http where apache properly displays files. But I don't like the idea of coding into the root user's directory of my system, so I want to keep the code in /home/aditya/Prog/PHP
I have set apache to access the directory by adding following lines into /etc/httpd/conf/httpd.conf
<Directory /home/aditya/Prog/PHP>
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Require all granted
Allow from all
</Directory>
Also, I have added a link to this directory in /srv/http
sudo ln -s /home/aditya/Prog/PHP/ PHP #in /srv/http
But when I try to access localhost/PHP, I get
Access forbidden!
You don't have permission to access the requested object. It is either read-protected or not readable by the server.
If you think this is a server error, please contact the webmaster.
Error 403
localhost
Apache/2.4.29 (Unix) PHP/7.2.3
The permissions of /home/aditya/Prog/PHP and the test file inside are
drwxrwxrwx PHP
-rwxrwxrwx test.php
What else do I need to do?
You also need to change the DocumentRoot setting in your httpd.conf file.
Look for DocumentRoot and set the path to /your/path/to/project.
Apache2 site specific config files are kept in /etc/apache2/sites-available/. If you only want to apply config settings for a specific site.
I am fairly new to server-side web development and am trying to get a local server up and running. I'm using an apache 2 server on my mac, but can't for the life of me get localhost to give me anything but 404 Not Found error. I'm putting localhost/~ and my username in the search bar and still nothing. I've been following a lynda.com tutorial to configure my personal site folder and haven't had any luck.
I'm trying to configure a personal site folder, or at least that is the terminology used in the tutorial. I created a "Sites" folder in my home directory. Then, I put an "index.html" file in the "Sites" folder to test.
After that, I configured a "httpd.conf" file through my terminal by entering "sudo nano/etc/apache2/httpd.conf". He had me un-comment the following lines:
LoadModule userdir_module libexec/apache2/mod_userdir.so
Include /private/etc/apache2/extra/httpd-userdir.conf
After doing this, I exited the file and saved the changes. I then entered into the terminal:
sudo nano /etc/apache2/extra/httpd-userdir.conf
Here I uncommented the following line:
Include /private/etc/apache2/users/*.conf
I then entered into the terminal
cd /etc/apache2/
And then:
cd users
I entered:
sudo nano jacobbryant.conf
In this file, I made sure it only contained:
<Directory "/Users/jacobbryant/Sites/">
Options Indexes MultiViews
AllowOverride None
Require all granted
</Directory>
I then exited this file and restarted the apache server with:
sudo apachectl restart
After this, I went to my browser and typed in "localhost/~jacobbryant" and got a "404 Not Found" error.
I am not sure what #jhilgeman is talking about. Apache has an extension for Per-user web directories that must be setup in order to map ~username to the home directory specified in the configuration. It looks like you have enabled the correct extension but missed the UserDir directive.
For Example: UserDir public_html will serve /home/myuser/public_html at http://your.host.tld/~myuser/
For you example, ditch the <Directory> and use the UserDir directive instead. Please read over https://httpd.apache.org/docs/2.4/howto/public_html.html for setup instructions.
I am using Fedora 24 on VirtualBox to host a small PHP web app. I am trying to append text into a file that is in the same local directory as the PHP file (/var/www/html/). No matter what kind of permissions or ownerships I try to set onto the directory (html/) or the file I constantly get "Permission denied in /var/www/html/pdf.php on line 21" errors.
Is there any configuration settings in my php.ini file that I need to enable to allow editing of files? I've even tried setting the directory and file to chmod 777 just to see if it would give me access but even that is being rejected.
EDIT: I have also tried creating directories and files in other locations with the same results. I tried to have Apache run the mkdir and touch commands with the same results.
EDIT 2: At the request of the comment left to my initial question. Here is the ownership information for the target directory:
ls -l /var/www/html/
drwxrwxr-x. 2 apache apache 4096 Nov 23 21:28 docs
The ownership information for the file:
-rwxrwxr-x. 1 apache apache 1381 Nov 28 17:47 pdf.php
Try assigning to www-data:nobody
chown -R www-data:nobody *, check apache group on your httpd.conf.
Verify /var/html perms to 775 at least.
Spent a lot of time looking for this answer but it's all in bits and pieces and no one every posts a solution (well most of the time) so here is my solution and it's used on various web control panels as well.
install and use MOD_RUID2
Install PHP with CLI (this is standard on newer versions)
In your HTTPD.CONF file in the virtual hosts, you'll add the following, replacing username with the user's login name, and usergroup with the user's group (These are usually the same)
<IfModule !mod_ruid2.c>
SuexecUserGroup username usergroup
</IfModule>
<IfModule mod_ruid2.c>
RMode config
RUidGid username usergroup
RGroups #none
</IfModule>
An example of a Virtual host conf is:
<VirtualHost *:443>
DocumentRoot "/home/imtheuser/public_html"
ServerName imtheuser.com
<IfModule !mod_ruid2.c>
SuexecUserGroup imtheuser imtheuser
</IfModule>
<IfModule mod_ruid2.c>
RMode config
RUidGid imtheuser imtheuser
RGroups #none
</IfModule>
<Directory "/home/imtheuser/public_html">
allow from all
Options None
Require all granted
</Directory>
</VirtualHost>
This will allow apache/php to write to a directory owned by the user. It's much safer then setting your chmod to 0777.
I have setup apache according to this article
https://help.ubuntu.com/community/ApacheMySQLPHP
and I have created a new site config in /etc/apache2/sites-available/mysite
and changed the document root and directory to :
DocumentRoot /home/gapton/public_html
<Dictory />
..
..
</Directory>
<Directory /home/gapton/public_html/>
...
...
...
...
</Directory>
and I sudo a2dissite default && sudo a2ensite mysite to disable and enable them, restarted apache2 and things are working.
I then setup vsftpd and config the vsftpd.conf file to :
local_enable=YES
write_enable=YES
connect via Notepad++ with the user 'gapton' and I created a file called test.php under home/gapton/public_html. It would not be readable by Apache it seems. I did sudo chmod -R 755 ~/public_html and it would load alright.
However any subsequent files created via vsftpd will not be readable.
Since I have logged in to the only account gapton when connecting via FTP, then any newly created file should be owned by gapton right? What happens when apache tries to access a file/folder location, what credentials does it access it by?
How do I config it so that all files created by gapton can be read by apache? (Also, is it at all advisable?)
Thanks.
I found the problem.
In older version of vsftpd, the umask they apply when writing file was by default 022.
In the current version, such default value has been changed to 077. This mask read 4 write 2 and execute 1 for everyone except the owner.
Changing the umask value in the vsftpd.conf file back to 022 has solved my problem. Hope this help future users of vsftpd facing the same issue.