I'm setting up a new site locally on a Windows machine for testing. In the document root, if I have an index.html it is served to the browser without problem. If I rename it index.php, the browser receives nothing. No error is raised server-side. I'm trying to understand why.
Vhosts
<VirtualHost *:80>
DocumentRoot "C:\websites\learn"
ServerName learn.loc
LogLevel alert rewrite:trace2
#PHP SETTINGS
php_value auto_prepend_file "C:\websites\learn\noop.php"
php_value open_basedir "C:\websites\learn"
<Directory "C:\websites\learn">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Here is the .htaccess file that resides in the document root:
RewriteEngine on
#point to javascript learning project
RewriteRule ^js /javascript
RewriteRule ^js/(.*) /javascript/$1
Here is the mod_rewrite log generated when I load learn.loc/javascript (this folder has an index.php file)
[initial] [perdir C:/websites/learn/] pass through C:/websites/learn/javascript/
[subreq] [perdir C:/websites/learn/] pass through C:/websites/learn/javascript/index.html
[subreq] [perdir C:/websites/learn/] pass through C:/websites/learn/javascript/index.htm
[subreq] [perdir C:/websites/learn/] pass through C:/websites/learn/javascript/index.php
Nothing is added to Apache or PHP error log; The browser itself receives status code 200, along with the following response headers
Date: "..."
Server: "Apache/2.4.16 (Win32) PHP/5.6.23"
X-Powered-By: "PHP/5.6.23"
Content-Length: "0"
Keep-Alive: "timeout=5, max=100"
Connection: "Keep-Alive"
Content-Type: "text/html; charset=UTF-8"
The response body is an empty string. Like I said, if I rename the file to index.html the content (vanilla html file) is shown. What could be going on?
I figured it out. That was just me being careless. The problem was with this line from Vhosts config:
php_value auto_prepend_file "C:\websites\learn\noop.php"
More specifically, what was supposed to be a noop was really an execution killer.
noop.php
<?php
exit; // <- exits not just this script but all of PHP and returns to the browser
Once I removed the 2nd line, things were back in order. This also explains why renaming index.php to index.html got things working: it took PHP out of the loop entirely.
Related
Read almost all questions here, but no solution found. This drives me crazy already to do such simple stuff to run PHP on my localhost...
You don't have permission to access this resource.Server unable to
read htaccess file, denying access to be safe
ls -l
-rwxrwxrwx 1 user user 51 sep 27 14:42 .htaccess
ls -l
drwxrwxr-x 2 user user 4096 sep 27 15:17 www
Any help appreciated!
Check if there is an .htaccess file inside the www folder (and its permissions), since Apache looks for one at every directory up to the one where the requested file exists.
I'm coming from an Apache on Windows server background, but in regards to the .htaccess file, you can also put a "AllowOverride None" in your section of your httpd.conf file. At least in Windows, this means nothing can be overridden, therefore no need to look for .htaccess files.
You can also add a line to tell Apache that the "AccessFileName" is blank. Here are the entried I'm speaking of from my config file. I'm running a XAMPP server on Windows.
DocumentRoot "C:/xampp/htdocs"
<Directory "C:/xampp/htdocs">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride None
Require all granted
</Directory>
AccessFileName ""
I have Apache (2.2.22 on Debian) configured to handle PHP files via FastCGI:
<FilesMatch ".+.php$">
SetHandler application/x-httpd-php
</FilesMatch>
Action application/x-httpd-php /fcgi-bin/php5-fpm virtual Alias
/fcgi-bin/php5-fpm /fcgi-bin-php5-fpm FastCgiExternalServer
/fcgi-bin-php5-fpm -socket /var/run/php5-fpm.sock -idle-timeout 600
-pass-header Authorization
To show a custom File Not Found (HTTP 404) page is configured in Apache as follows:
<Directory "/home/http/domain/root">
..
ErrorDocument 404 /pagenotfound.htm
..
</Directory>
Requests for non-existing non-PHP files are answered with the custom 404 pagenotfound.htm file. No problem.
But requests for non-existing PHP files are answered with http-status-header "HTTP/1.1 404 Not Found" and contents "File not found.", so not my custom error page. Problem!
The Apache error log shows (in the latter case):
[Sat Nov 21 14:03:07 2015] [error] [client xx.xxx.xx.xx] FastCGI: server "/fcgi-bin-php5-fpm" stderr: Primary script unknown
How can I configure a custom 404 page for non-existing PHP files when using PHP-FPM?
set "ProxyErrorOverride on" in either your global server config or in individual virtual hosts, see http://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyerroroverride
When 'File not found' is shown instead of custom error page for non-existing .php files (and all other non-existing files get the correct custom error page)...
Centos 8, PHP 7.2.11
File: /etc/httpd/conf.d/php.conf
Add 'ProxyErrorOverride On' after the SetHandler
<FilesMatch \.(php|phar)$>
SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost"
ProxyErrorOverride On
</FilesMatch>
Not sure if required, but I then did:
systemctl restart httpd
Option: ProxyErrorOverride
ProxyErrorOverride can be used if you have access to the server's configuration. But it doesn't work within the .htaccess context and it will prevent PHP from outputting dynamic response bodies for all configured status codes (default: 400 to 599).
Option: <If> directive (Apache 2.4+)
Let Apache check if the file exists, before invoking PHP:
<Files "*.php">
<If "-e %{REQUEST_FILENAME}">
# Assuming PHP-FPM over Unix socket via mod_proxy_fcgi.
SetHandler proxy:unix:/path/to/php-fpm.sock|fcgi://
</If>
<Else>
# Ensure that *.php files are never handled by the default handler.
Redirect 404
</Else>
</Files>
Docs: <If>, Expression parser, Redirect
Option: mod_rewrite
The ErrorDocument can be triggered using mod_rewrite:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule "\.php$" - [R=404]
Note: This only works if REQUEST_FILENAME has already been determined (so not in the server config or virtual host, but in a directory or .htaccess context). Otherwise it is equal to REQUEST_URI and that probably wouldn't be an existing local file.
I have a simple setup with Apache2.4 and PHP-FPM and I am trying to enable +Indexes option but I get 404 "File not found." when trying to access a folder that doesn't have an index file even when autoindex is enabled.
Here's part of my vhost:
#php
ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/var/run/fpm/fatal.sock|fcgi://
#super public directory with Indexes!
<Location /pub>
Options +Indexes
IndexOptions +FancyIndexing
</Location>
When I try to access http://domain.com/pub/ I expected to see a list of files I put there but instead I get error 404 Not Found.
I wonder where this comes from since ProxyPassMatch shouldn't forward the request because there is no .php in the query so next is directory index which looks for index.php which doesn't exists (404) but why then mod_autoindex doesn't work?
When I remove the ProxyPassMatch line the autoindex works just fine and I see the folder content listed.
Any ideas?
I found the answer here http://blog.famillecollet.com/post/2014/03/28/PHP-FPM-and-HTTPD-2.4-improvement
As the ProxyPassMatch directive is evaluated at the very beginning of each request:
AddType (for MultiView) or DirectoryIndex directives are not usable
right management per directory is not available
each Alias directive needs another proxy rule
The SetHandler directive, evaluated later, is much more flexible / usable.
So I changed my vhost to look like this and got rid of the ProxyPassMatch directive.
<FilesMatch \.php$>
SetHandler "proxy:unix:/var/run/fpm/fatal.sock|fcgi://"
</FilesMatch>
Note: this solution applies to Apache 2.4.9+
(I do wonder if there are any performance difference and in what direction?)
Apache HTTP Server 2.2.21 with VirtualHosts under SuExec
PHP 5.3.8 via fcgid
Arch Linux 2011.08.19
I am in the process of migrating from shared hosting to VPS. The code I had ran fine before the move but is now failing at this line:
require_once($_SERVER['DOCUMENT_ROOT'] . 'includes/content/header.php');
Error log says:
PHP Fatal error: require_once(): Failed opening
required '/srv/www/hostname/public/includes/content/header.php'
(include_path='.:/usr/share/pear') in
/srv/www/hostname/public/index.php on line 3
I tried the same line without the document root part, with and without ./, etc. with no luck. No difference with require, include_once, or include, either. Yet, I can verify that the file exists at that exact location by copy-pasting from the error log and cding to it…
But just to be absolutely sure, I tested the return values of the includes as well as file_exists—they all return false. Yet all of the files are chown'd by the SuExec user/group, and no combination of permissions helps (on directories or files); have tried from 644 to 777. What's going on here?
Edit:
Same result with files in the same directory.
Apache & SuExec error logs reports nothing.
Safe Mode is set to "Off" in php.ini.
dirname(__FILE__) and exec('pwd') return the same as $_SERVER['DOCUMENT_ROOT'] but without the trailing slash.
fread, file_get_contents, and realpath(dirname(__FILE__)) all return false.
set_include_path() has no effect.
Running require via php-cgi directly from the command line returns Internal Server Error while include returns blank output; running either via php returns blank output.
Here's my vhost config:
<VirtualHost *:80>
ServerAdmin admin#hostname.com
DocumentRoot "/srv/www/hostname/public/"
ServerName hostname.com
ServerAlias www.hostname.com
SuexecUserGroup hostname hostname
ErrorLog "/srv/www/hostname/logs/error.log"
LogLevel debug
CustomLog "/srv/www/hostname/logs/access.log" combined
<Directory /srv/www/hostname/public>
Order allow,deny
Allow from all
</Directory>
# http://www.linode.com/forums/viewtopic.php?t=2982
<IfModule !mod_php5.c>
<IfModule !mod_php5_filter.c>
<IfModule !mod_php5_hooks.c>
<IfModule mod_actions.c>
<IfModule mod_alias.c>
<IfModule mod_mime.c>
<IfModule mod_fcgid.c>
AddHandler php-fcgi .php
Action php-fcgi /fcgid-bin/php-fcgid-wrapper
Alias /fcgid-bin/ /srv/www/hostname/fcgid-bin/
<Location /fcgid-bin/>
SetHandler fcgid-script
Options +ExecCGI
Order allow,deny
Allow from all
</Location>
ReWriteEngine On
ReWriteRule ^/fcgid-bin/[^/]*$ / [PT]
</IfModule>
</IfModule>
</IfModule>
</IfModule>
</IfModule>
</IfModule>
</IfModule>
</VirtualHost>
First make sure the file exists...
Then try to navigate to it using
www.hostname/public/includes/content/header.php (if your using
something local it would be
localhost/public/includes/content/header.php)
If that does not load either something is wrong with your
installation or your file is corrupt.
Try loading the header from somewhere else
Did you check permission of folders containg that files ?
Folder should has read permission for apache (or any user that runs http-server).
Have you try add path to include path ?
$path = '/includes/content';
set_include_path(get_include_path() . PATH_SEPARATOR . $path);
http://php.net/manual/en/function.set-include-path.php
It always works to me ->
if ( DIRECTORY_SEPARATOR == '/' )
{
$path = dirname(__FILE__).'/';
}
else
{
$path = str_replace('\\', '/', dirname(__FILE__)).'/';
}
give a try!
[EDITED]
using dirname() function always works! $path = dirname(__FILE__).'/'; perhaps the problem is in your server. Not in the programming (script).
DerfK over at ServerFault nailed it: it was an open_basedir restriction.
Circling back to post the solution:
I didn't realize that open_basedir was unaffected by Safe Mode being off—it was looking in /srv/http/ but not /srv/www/, which would be the containing directory for /srv/www/hostname/public/includes/content/.
I'm trying to create a wrapper/handler that will be called on the Apache server whenever someone requests any PHP script inside of a directory. That way I can authorize users for the entire directory or write some other stuff to be called when the directory is called.
This is the best configuration I've been able to come up with...
<Directory "/srv/http/INNOV/PUBLIC_HTML">
Options -Indexes
AllowOverride All
Order allow,deny
Allow from all
DirectoryIndex index.php
</Directory>
Then in /srv/http/INNOV/PUBLIC_HTML/kb/ I have this .htaccess file...
Options -Indexes
AddHandler auth_handler .php
Action auth_handler ../auth_handler.php
Then in /srv/http/INNOV/PUBLIC_HTML/kb/auth_handler.php is as follows...
<?php
$FILE = $_SERVER['PATH_TRANSLATED'];
echo $FILE;
?>
Access Log:
- - [02/Dec/2010:17:43:15 -0500] "GET /kb/index.php HTTP/1.1" 400 590
Error Log:
[Thu Dec 02 17:50:19 2010] [error] [client XXX.XXX.XXX.XXX] Invalid URI in request GET /kb/ HTTP/1.1
I've checked my browser and it seems to be making a proper request.
nvm, all I had to do was remove the ../ in the htaccess file. DUR! Apologies.