I've got a few files on wwwroot/uploads which need to be publicly accessible by anyone.
It currently throws a 404 Error, but the file exists, and the URL I'm using is correct. Can anyone guide me to configuring the access controls to this folder?
I've tried using .htaccess files (allow all), and also tried messing with the web.config file. No luck though. (The access attributes need to be applied recursively to all children of the 'uploads' directory.
Thanks all!
Update:
The problem was IIS was not configured to support the .mp4 MIME type I was trying to use. Just added that in there in the main web.config file and it works now :)
Thanks to #misaim for his help :)
This could be due to the MIME type not being enabled for media files by default. Try removing the web.config and enabling mp4 or image file and see if your errors go away.
https://en.wikipedia.org/wiki/Media_type
Have you tried changing the Systems permissions of the files? Not just the web server permissions? i.e. chmod -R 777 (Don't actually do this, use correct permissions, this is to open).
Related
I'm using the PHP copy function to copy a file from one folder to another. But if the folder I'm copying to is a Dropbox folder, it doesn't work. This works fine and the file is copied into the test2 folder:
copy('c:/test/test.txt','c:/test2/test.txt');
This doesn't work and the file is not copied:
copy('c:/test/test.txt','c:/Dropbox/test.txt');
Dropbox is my root Dropbox folder. Does anyone know of why this is happening and what I can do to fix this? I'm using IIS and PHP on Windows Server. Thanks in advance.
Make sure your path is exactly as it appears to be. Also consider case sensitivity. That is usually a problem that throws me off. Also make sure that all permissions to the 3rd party app are validated.
So I figured out the issue. It was an issue with the permissions on the Dropbox folder. For some reason when Dropbox created the folder, it doesn't allow the folder to inherit permissions. To fix this, I right-clicked on the Dropbox folder, selected Properties, went to the Security tab, clicked on Advanced, and then selected enable inheritance.
This allows the Dropbox folder to inherit permission from it containing folder and fixed my issue.
So this is what's happening. I don't know how to explain this.
I made a software which uploads file to my website's FTP location. It's working as it should.
As you can see in the folder that inside public_html/phphostrot.rviews.xyz/user_rot/ there are 2 php files. But when i visit the url http://phphostrot.rviews.xyz/ i get a blank page with inder of / and nothing else. And if i try to access http://phphostrot.rviews.xyz/user_rot/ I get 404 error. Even the link to the file is not working. I don't know what's the problem.
I think it's a issue with the file permissions. Have you configured your server to serve files from your public directory.
Try changing the ownership of the files to www or apache
app, img, wp-admin, wp-content, wp-includes?
check file permissions (+x), as #atefth said, check owner.
check webserver config. and check apache/nginx logs
I've installed mediawiki on my webserver (with directadmin), but I'm having trouble enabling the uploading of images (a .jpg in this case)
I've set $wgEnableUploads = true; in the settings and checked that the images folder is writeable (it's set to 755). But when I try to upload a test image called testimage.jpg I get the error:
Could not store file "/tmp/phpjNV3oh" at "mwstore://local-backend/local-public/1/13/testimage.jpg".
Since I'm on shared webhosting and only have acces to the directadmin interface I can't set the owner of the images folder (which is an answer here). I've tried setting the folder to 777, and that doesn't change anything either.
Does anyone know what the problem is? Could it be that I'm using cloudflare? Also, why is the url returned in the error (mwstore://local-backend/local-public/1/13/testimage.jpg") not a normal url (like mysite.com/wiki/images or something)?
I had this problem twice on shared hosts, and there were two solutions for me.
One:
Set $wgHashedUploadDirectory = false on LocalSettings.php, then try to upload another file.
Doing this all your files will be uploaded to $wgUploadDirectory, /images/foo.jpg instead of /images/x/xx/foo.jpg
Please note that if you change this now, you should not set it to true in the future, else you will need to manually move your files into the hashed directory structure.
Two:
Contact your host's support service
When i emailed the situation to my host's support service, they replied that all folders inside /my_wiki/images were owned by root instead of apache-user, and since i couldn't chown they did it.
You need to set the proper security context type so that SELinux stops complaining.
sudo chcon -R -t httpd_sys_script_rw_t /var/www/mediawiki123/images/
Don't forget to set the directory back to the correct permissions.
sudo chmod 755 /var/www/mediawiki123/images/
For all of your SELinux needs, browse through here.
I think this question should be something easy but after searching all over the web I couldnt find an answer, so I decided to ask here.
I have a file uploader in my website that works with php. The folder where files are being uploaded has 777 chmod. I also have a php script to list the files in that folder. What I need is to allow php to upload and browse files on that folder, but dont allow people to do it. The only solution I imagined is to chown that folder to another user different than default, so I could later chmod in filezilla and allow only owner to do it, so people will see the files trough the output of the php script, but not if they navigate to that folder.
Im using Debian, apache2. Id like to know what could I do.
To make it shor, my aim: allow php to upload, read, write and execute files in that folder, but not clients unless they use my php script.
Thanks in advance
Put all the files you're talking about in their own directory. Add a .htaccess file to that directory. The contents of the .htaccess should be deny from all.
This will prevent any user from manually accessing the files as access will be blocked off. Your PHP script can still browse the contents of the file and serve it up as an attachment with the correct content type.
For more info on how to serve a file for download in PHP, read this: https://serverfault.com/questions/316814/php-serve-a-file-for-download-without-providing-the-direct-link
All services including web servers run in a security context which is an account in the OS, for example apache starts using apache user in apache group. It is enough to change mode and change owner to this user and group. Never chmod a directory to 777 until there is a good explanation for that. Using this trick, web service process only can read, write and execute in that directory.
As well, if you want the browser clients not to see(read) the contents of that directory, you should deny listing on that directory. I think it is disabled for default.
I have an upload script that runs on a windows webserver 2008. The uploads works nice, the file is created on the server. But when I try to access the uploaded image file via http, I just get an error 401. How can I resolve this?
EDIT: setting the chmod to 0777 after the file has been uploaded did not help, too.
That did it: https://serverfault.com/questions/85983/iis-iusrs-cannot-access-files-uploaded-and-created-by-network-service-error-401/229151#229151
For security reasons, many websites sequester uploaded files until they are validated, at which time they are made publicly accessible. If this is the cause, you'd have to ask the site's administration.
So to summarize : one of the solutions is :
Edit "upload_tmp_dir" inside of php.ini and for example set to "C:\my_temp_folder"
Than right click to folder and security tab than give modify permission to the IUSRS user ;)