I have successfully installed suhosin in my server and I'm blocking the devil PHP eval function on some virtualhosts with this configuration:
<VirtualHost 123.123.123.123:80>
<Directory /var/www/html/www.example.com>
#SUHOSIN
php_admin_value suhosin.executor.disable_eval On
</Directory>
</VirtualHost>
However, I need to enable eval on some specific URL since it is used by the platform on some specific cases. I've tried the following:
<VirtualHost 123.123.123.123:80>
<Directory /var/www/html/www.example.com>
# SUHOSIN
php_admin_value suhosin.executor.disable_eval On
</Directory>
<Location "/some/path">
# Reenable eval for this path
php_admin_value suhosin.executor.disable_eval Off
</Location>
</VirtualHost>
And also with the tag LocationMatch, with no success (it's like if it was not there: no effect at all).
Any ideas how can I have this directive working just for a specific path?
Thanks
I am not using SUHOSIN, I solved with different php.ini files for each website.
Something like:
<VirtualHost 123.123.123.123:80>
[...]
PHPINIDir /path/to/specificinifile
[...]
</VirtualHost>
Hope this helps.
Related
I'm already using open_basedir to restrict a VirtualHost to a certain directory:
<VirtualHost *:80>
ServerName test.example.com
DocumentRoot /sites/test/www
php_admin_value "open_basedir" "/sites/test/www"
<Directory />
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
How to disable the use of ini_set or exec, but only for this particular VirtualHost (and not for the others)?
You're looking for the disable_functions entry in your php.ini.
So you want a different php.ini for your particular VirtualHost. That could be done via "PHPINIDir"
<virtualhost *:80>
ServerName www.example.com
DocumentRoot /path/to/example.com
PHPINIDir /whatever/path/to/php.ini
</virtualhost>
UPDATE: I removed the example with php_admin_value because, as others have noted in the comments, it wouldn't work with this particular setting. As was discussed here: php_admin_value disable_functions not working ( sorry ... should have looked it up beforehand).
I have 2 different virtual hosts on my apache server. One of them needs php7.x and another need php5.x.
Is it possible to use project-specific PHP versions?
I have tried the following,
Running two PHP versions on the same server
but my apache server crashed saying there's some syntactical error in one of the fpm's config file.
Also I cant follow this solution since It advices to uninstall apache and start over again and I can't do that on a live server.
Is there any way to do this without uninstalling the apache server.
Thank you for your suggestions.
for windows on file httpd-vhosta.conf
<VirtualHost *:80>
DocumentRoot "d:/server/htdocs/"
ServerName localhost
ServerAlias www.localhost
<Directory "d:/server/htdocs/">
Require all granted
<Files ~ "\.php$">
AddHandler fcgid-script .php
#FcgidWrapper "d:/server/php/php-5.6.40-Win32-VC11-x64/php-cgi.exe" .php
FcgidWrapper "d:/server/php/php-7.1.24-Win32-VC14-x64/php-cgi.exe" .php
Options +ExecCGI
</Files>
</Directory>
ErrorLog "D:/server/apache/logs/error-localhost.log"
SetEnv APP_ON_LOCAL 1
</VirtualHost>
I am trying to install pimcore 5 with php 7.
When i enter the data to the install form (db name, user, pass.. etc) and press check requirements or install two different ajax post calls happen. When i get the result from both post calls i get 403 forbidden error, ther response is only "Forbidden".
Don't know what to change, and what caused the error.
My server has php 7.1, all the minimum requirements are sufficient.
Please help, regards Dejan
Thats conf file.
<VirtualHost 91.185.211.24:80 >
ServerName www.tmp.kropec.eu
ServerAlias www.tmp.kropec.eu tmp.kropec.eu
ServerAdmin webmaster#kropec.eu
DocumentRoot /home/ropc01/domains/kropec.eu/public_html/tmp
UseCanonicalName OFF
<IfModule !mod_ruid2.c>
SuexecUserGroup ropc01 ropc01
</IfModule>
CustomLog /var/log/httpd/domains/kropec.eu.tmp.bytes bytes
CustomLog /var/log/httpd/domains/kropec.eu.tmp.log combined
#ErrorLog /var/log/httpd/domains/kropec.eu.tmp.error.log
ErrorLog /dev/null
<Directory /home/ropc01/domains/kropec.eu/public_html>
AllowOverride AuthConfig FileInfo Indexes Limit
Options=Indexes,IncludesNOEXEC,MultiViews,SymLinksIfOwnerMatch,FollowSymLinks ,None
Options -ExecCGI -Includes +IncludesNOEXEC
php_admin_flag engine ON
php_admin_value sendmail_path '/usr/sbin/sendmail -t -i
-f ropc01#kropec.eu'
php_admin_value mail.log /home/ropc01/.php/php-mail.log
</Directory>
</VirtualHost>
Tnx!
Solved. Obviusly my host doesn work with tmp subdomains. Sorry i bothered.
Alright, I have spent hours searching through very similar questions but I still don't seem to have found the answer:
I have set up a virtual host with the following in my httpd-vhosts.conf
Listen 80
<VirtualHost *:80>
ServerName test.dev
ServerAlias test.dev
DocumentRoot "/Users/OrangeSoda/OneDrive/Projects/Test/Website"
ErrorLog "/private/var/log/apache2/test.dev-error_log"
CustomLog "/private/var/log/apache2/test.dev-access_log" common
<Directory "/Users/OrangeSoda/OneDrive/Projects/Test/Website">
Options all
AllowOverride all
Require all granted
</Directory>
</VirtualHost>
In my http.conf I have Include /private/etc/apache2/extra/httpd-vhosts.conf as well as LoadModule vhost_alias_module libexec/apache2/mod_vhost_alias.so uncommented.
When I go to test.dev/index.php which just has <?php echo "PHP TEST"; ?>, I see the contents of the file output as a string.
It seems as though PHP is not enabled and is therefore not being recognized.
If i go to localhost, I do see the "It Works!" page, so I know php is working, just for some reason not on my virtual host.
Someone suggested to put php_admin_flag engine on but that just makes the whole page crash.
Does anybody understand why php is not enabled here?
Have you checked if port 80 is opened? It might help more if you include detailed log.
You're on the right track but you need to actually load php onto the virtual host. On the <Directory> entry, add these lines :
<IfModule sapi_apache2.c>
php_admin_flag engine on
</IfModule>
<IfModule mod_php5.c>
php_admin_flag engine on
</IfModule>
I got the solution from here.
It looks like mod-php may not be installed. What OS are you on?
On Ubuntu/debian:
sudo apt-get install php5
on redhat:
sudo yum install php
The solution was that while php was enabled, for some reason the default setting in httpd.conf was not to read .php files as .php.
Although I am not really sure why that would not be the default setting, I added the following to my httpd.conf and now it works just fine:
AddType application/x-httpd-php .php
I am trying to set up simpleSAML.php but I am running into an issue with the Apache Alias directory. I have successfully used Alias so that when the user visits domain.com/auth then it uses the folder /var/saml/www.
However, for some reason it just lists the contents of the folder /var/saml/www rather than running the index.php file.
I have included the relevant virtual host below.
<VirtualHost *:80>
ServerAdmin helpdesk#domain.com
DocumentRoot /var/www/html/open
ServerName open.domain.com
ErrorLog logs/open.domain.com-error_log
CustomLog logs/open.domain.com-access_log common
Alias /auth/ /var/saml/www
Alias /auth /var/saml/www
<Directory /var/saml/www>
Options All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
You can add the following line to your config:
AddType application/x-httpd-php .php
This way apache knows it has to parse the files using php.
P.S. I think you may have to restart Apache rather than a reload.
Update
As Alfabravo commented:
Agree. He also needs to check the DirectoryIndex directive and add index.php to it