So I am trying to get Symfony working on my server by following these install instructions.
http://symfony.com/doc/current/book/installation.html#book-installation-permissions
I got to the part where I ran this command in console in the directory where I wanted the framework to be installed.
symfony new my_project_name
I then followed these instructions to set my web root directory to /web as I believe I'm supposed to do?
It installed all the files correctly since I can see them in the folder. I made sure to restart apache and I'm positive document root is in the correct location.
http://tecadmin.net/how-to-change-document-root-of-primary-domain-in-cpanel/#
Once I did this I was supposed to be able to test the installation, but nothing seems to happen except that 406 error?
This is the exact error I get.
An appropriate representation of the requested resource /app.php could not be found on this server.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
I'm not sure what else to do.
Please note, that since I'm using CPANEL I can't change the virtual host configurations of apache if that is the issue, so I'm looking for a CPanel specific answer. Thank you!
Okay so I finally figured out what to do, I had 2 problems. Because I installed as the 'root' user I had to run the following command on the symfony installation.
chown -R devdistribution:devdistribution .
In my case, my username is devdistribution but you would just put your own. Make sure to do this on the top level not just the /web folder.
I knew this was one of the errors because the apache log said something along these lines
Mismatch between target UID (520) and UID (501) of file "/home/devdistribution/public_html/distribution_tech/web/app.php"
This fixed the 500 error, but not the 406. To fix the 406 error you need to login into WHM and type modsecurity to find it in the search field.
go to the configuration option for it, you will see this.
Rules Engine SecRuleEngine
This setting controls the behavior of the rules engine.
Process the rules.
Do not process the rules.
Process the rules in verbose mode, but do not execute disruptive actions.
Select 'Do not process the rules'. Then save at the bottom. This fixed the issue for me and I was able to see the opening symfony screen!
However, this I'm sure leaves security vulnerabilities now...so I still need help on the proper way to handle mod security with symfony in this case if anyone knows? I'll make a separate question for this.
Step 1:
Login to your cPanel account and start searching for the file manager icon under the files section.
Step 2:
As always, you need to make sure, you see the public_html directory. Depending on the web hosting you have, you may also see the home directory after opening the file manager.
Step 3:
Find the .htaccess file and right-click to edit.
Step 4:
After choosing an edit option, you see a popup asking to disable encoding if you wish. You have to click on the Edit button to continue.
Step 5:
On a new tab, you can see many rewritten rules. You have to add the code to the .htaccess file.
<IfModule mod_security.c>
SecFilterEngineOff
SecFilterScanPOSTOff
</IfModule>
Related
I'm not programmer and I don't know coding.
I use opencart 2.1.0.1. I cannot access "customer/customer", "customer/customer groups", "customer/custom fields" page it said "You do not have permission to access this page, please refer to your system administrator". Well I'm the only administrator.
All access permission has been selected from settings but I didn't see customer/customer, customer/customer groups and customer/custom fields from permission listings.
So Daniel Kerr suggest me to replace json with the one from master branch.
I replace system/helper/json.php with the code from this link [Branch Master for json.php][1]
I edited json.php by using putty.
But still cannot access customer page. Please someone guide me how to replace json with master branch.
To get code from another branch you have 2 options. One is to check out that one file.
Got checkout master -- /path/to/file.json
The other is to use git show
Git show master:path/to/file.json > path/to/file.json
The first option is probably the preferred one
Make sure that used folders has a insufficient privileges. Try chmod -R 777 for /var/www/your_project folder. I think your problem is in the lack of privileges for the project files.
If it will not help, check your .htaccess file and allow/deny rules (if you getting "access denied" from web browser). See https://github.com/opencart/opencart/blob/master/upload/.htaccess.txt and don't ignore this rules by file (maybe you didn't):
# 1.To use URL Alias you need to be running apache with mod_rewrite enabled.
# 2. In your opencart directory rename htaccess.txt to .htaccess.
# For any support issues please visit: http://www.opencart.com
I finally found the solutions. There are missing files in /www/my_project folder. Recovered the missing customer.php files and resolved! Thanks everyone
I can find dozens of articles on installing CakePHP in a sub-directory and getting it to appear in the root url. That is NOT what I am asking for. I rarely down-vote, but if you give that answer, I will down vote you.
I have CakePHP in my root directory on my hosting server. It's a clean Apache server instance... I think. I'm really not a server guy. I created a new account through WHM on Hostgator and have CakePHP sitting in the public_html.
However, there is no domain name associated with this server yet. The URL is like this:
http://123.456.0.0/~example/
And CakePHP gives me the following errors:
Error: ~exampleController could not be found.
Error: Create the class ~exampleController below in file:
app/Controller/~exampleController.php
I imagine there's some .htaccess configuration that makes it ignore that /~example in the URL. Can someone point me in the right direction, even if it's just the right page in the CakePHP docs?
By partially following the advice at http://bakery.cakephp.org/articles/syl-via/2011/09/19/rewritebase_config_for_cake_installation_with_userdir_and_mod_rewrite I was able to make this work by adding the following to the .htaccess file in the root of the Cake install:
RewriteBase /~example
I put this after RewriteEngine on for it to work.
In other words, if your Cake install is at /home/example/ then it's the /home/example/.htaccess file that you'd change.
I didn't edit app/.htaccess or app/webroot/.htaccess because it seems to work without these files needing to be edited.
Please note that I tested this with the latest version of Cake (2.3.5) -- I don't know if it will work the same way in older versions.
For a bit of history - this is the first time I attempted to setup a test symfony project, just to have a play with it.
The symfony project was setup in the following location:
~/symfony_projects/myproject/
Now, with cpanel, the httpd.conf is automatically generated (but I'm sure you knew that), and it uses ~/public_html/ as the web root and splits it up by domain name (virtual hosts) - so for this example, lets say it's ~/public_html/example.com/.
So the symfony project is all setup now, the next problem was trying to figure out how to setup the server so it points to the /web part of the project - this is where I found it tricky.
I tried doing the following:
ln -sf ~/public_html/libs/Symfony/data/web/sf ~/symfony_projects/myproject/web/sf
ln -sf ~/symfony_projects/myproject/web/* ~/public_html/example.com
That unfortunately didn't work though. When trying to go to http://www.example.com it just gave me a 500 error.
Any other options here? Taking into consideration that I cannot modify the httpd.conf. And even if I could, it's auto-generated and would rather not (in cpanel).
* Update *
I just tried what was suggested by #Dan, but with the same issue - getting HTTP Error 500 (Internal Server Error). So, it looks like something else is the issue.
I checked my error_logs but didn't see anything useful there. Is there any other way I can check to see what the problem is?
* Another Update *
Just tried http://example.com/frontend_dev.php and it works perfectly - gives no errors at all, which makes it kind of hard to debug the production controller.
So the Development controller works flawlessly and the production is spitting out the 500 error - any ideas? :/
I just copy everything out of web/ (including css/, js/, etc. subfolders) one level higher, then edit the index.php/yourapp_dev.php files' require statements to reflect the change in path. Add some rewrite rules to forbid direct access to the rest of the directories and you're all set on servers where you can't change the document root.
If you look at the http.conf virtual host entry for the symfony project the last line in generally a commented out include statement. If you uncomment that line you add any extra virtual host configs you need into that file. Then just restart apache. Anything in the file will then be appended in place of the include statement.
Background -
I have my website code hosted on a linux server. My website allows new registrations for employers (http://www.gymandspajobs.com/Employer/Employer.php). The filled-up forms are verified by JavaScripts in the folder "/javascript" and if the information is found ok, the data is submitted via JavaScript HTTP request object and the PHP file "somefile.php" kept in the folder "/somefolder" under the root directory does the database inserts.
Problem -
When a new user tried to register using Firefox (I tested in WinXP SP2, Firefox - v3.5.2), the HTTP response I used to get (which I tapped in my JavaScript file) was
"You don't have permission to access /somefolder/somefile.php on this server." .
Surprisingly, the same functionality worked perfectly well in IE7 and Chrome.
Latest Update on the Problem -
I contacted my web hosting guys and my problem seems to have been solved after I received this reply from them.
We have disabled mod_security for your domain to fix it. We have entered the below lines to the .htaccess file under the httpdocs directory for your domain. We have also verified and successfully able to submit the Employer registration without any issues. ~~~~~ SecFilterEngine off ~~~~~
Though the problem has got solved, I think making "SecFilterEngine off" may not be the best solution to this problem as it compromises security. Hence I asked the hosting guys if there is a way to keep mod_security ON and yet get my functionality to work...... here is their reply.....
Q. is there any way my code can work yet keeping mod_security ON?
Ans. It is possible. But it is not easy. You have to modify the code in the file in such a way that the URI should not have the pattern "!(^application/x-www-form-urlencoded$|^multipart/form-data;)" because we found this entry in the apache error logs -
mod_security-action: 403
mod_security-message: Access denied with code 403. Pattern match "!(^application/x-www-form-urlencoded$|^multipart/form-data;)" at HEADER("Content-Type")
I am using the HTTP object and POST method via JavaScript as -
http.setRequestHeader('Content-Type','application/x-www-form-urlencoded')
Please guide me as to what changes do I need to do in the above line of code so that mod_security can be kept ON and yet my registration form will work?
Thanks and Regards,
-Rupak Kharvandikar-
In this situation the best thing to do is to threat that specific warning as a false positive because it is. Remember that mod_security doesnt support content encoding and false positives is a very normal thing when you are dealing with WAF's.
Disabling all mod_security rules just for one false positive is dumb though. Look for the id of the rule that is getting triggered and disable it "SecRuleRemoveById". In my box I created an additional config to place all the rules i want to disable.
modsecurity_crs_60_myignores.conf
SecRuleRemoveById 960903
SecRuleRemoveById 970903
SecRuleRemoveById 970902
I managed to create an account in Firefox without any issues.
I'm on a VPS environment so I have root access, btw.
So take a look at these issues:
http://www.sonikastudios.com/wp-content/themes/sonikas/scripts/timthumb.php?src=/wp-content/uploads/tedleescreenshot1.jpg&w=100&h=100&zc=1&q=100
That returns a 404 error.
However when I move timthumb.php to the root of the site, it works.
I verified file/folder permissions, it's not the issue. Also, another PHP generated image that i use for Captcha, is doing the same thing...
So essentially it boils down to no .php files running from within folders. However this is not an issue otherwise because PHP scripts I have under /admin/ on other sites work fine.
So... what could cause this? Most forum articles I read lean towards a mod_security problem, but I don't even know where to start, as I'm not an apache expert.
As you have root access, try looking for what is happening in Apache logs. To follow latest request you can use tail.
Which version of Apache you are running? In my configuration of Apache 2.2 you can follow error log in terminal by invoking:
tail -f /var/log/httpd/error_log
It seems that default configuration of Apache 2.2 has error log in /usr/local/apache2/logs/error_log, so my configuration is not default.
If you do not have success with error log, try also looking for information in access log, default location at /usr/local/apache2/logs/access_log.
Same error can occur when the file it self is also writable. Make sure the file is 644 and NOT 666 !
Wordpress is probably using some mod_rewrite rules to send every request to its index.php. And there it’s analyzing the request and returning a 404 status code if one of its internals was requested.
This is a problem with your .htaccess file generated by WordPress. It redirects all requests for your site that aren't wp-admin/ or in your uploads directory to the index.php file for WordPress (the request handler that queries for posts, etc.)
In my case, the following PERMISSION changes solved the (Timthumb.php) issue:
The PHP script must be "644".
All of the parent directories must be "755"; Neither "775" nor "777".