I installed xampp on a comupter (for example A) in a network, I set IP for apache so users in the network are able to access the localhost on the machine A. I installed a web project in htdocs directory so users can see that page using IP_OF_MACHINE/project. the problem is they can see IP_OF_MACHINE/xampp or IP_OF_MACHINE/phpmyadmin page while I want them to be able to see only the project not other pages. How do I can achieve this?
You can create a .htaccess file in the folders you don't want to be public and inside the .htaccess write the following :
order allow,deny
allow from 127.0.0.1
deny from all
Related
I have a virtual machine setup to host 4 domains, running fine (non-prod environment). There are image files and pdfs common between all domains. To save uploading the same files to each domain I want to have folders above the root folder of each domain i.e. all folders /var/www/html/in here (domain1,domain2,photos,pdf,dbconn, etc), I have done this with my PHP database scripts and they work fine, getting forbidden/permission error when I click on links. From my research, I've identified I need to modify httpd.conf and or httpd-vhosts.conf not totally sure which or both and not sure what the modification should be, also believe I should steer away from htaccess. (I have access to these conf files, I'm a PHP developer and don't usually play with Apache) Hoping this makes sense to someone and able to get some help. Thanks in advance.
grant access to whatever directory the images and pdfs are stored in, access can be granted in each virtual host individually or in your main apache config file once, something like this...
<Directory "folder/subfolder/noobfolder">
Grant access all
</Directory>
I work with Apache that is installed in a Windows Server(Windows Server 2012 R2) , so i have my web applications in the htdocs folder (in the server ofc) if i want to access the applications via other computers connected to the server i have to change each host file in each pc...
If you work with 2, 3 pc that is ok, however when you have at least 40 pc's it can be very tiring.
That's way i'm asking this question.
I mean,it's possible to simply put the url in the browser and the computers connected to the server enter in my web application?
This isn't maybe the best solution, but here it is
in file C:\xampp\apache\conf\extra\httpd-xampp.conf
Inside <IfModule alias_module> write following lines
Alias / "C:\xampp\htdocs"
<Directory "C:\xampp\htdocs">
AllowOverride all
Order deny,allow
Require all granted
</Directory>
Later restart apache and try to access you applications with inside the same intranet network:
computer-name/app-folder/
In general this isn't the best solution because you are exposing entire root folder htdocs, also I would suggest to you to move you application from htdocs and define application in httpd-vhosts.conf file. You can create aliases for application outside htdocs folder which are defined in httpd-vhosts.conf
I'm new to programming and I'm developing an online application using Laravel, with XAMPP (on Windows) to host the database. Now when I test the login page I have noticed that when someone types a wrong URL
Example: localhost/mysitename/home/wrong name
it is displaying a 404 error page with a "go home" button at the bottom which can direct anyone to the database through phpMyAdmin.
Is there any way to fix this?
For starters, restrict your phpMyadmin to only the local host or an IP address on your local network. Find the conf file and make the following changes. Adjust the IP to something that you know.
/etc/phpmyadmin/apache.conf
<Directory /usr/share/phpmyadmin>
Add the following lines at the top:
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Next - You really need to look into how to correctly configure Apache and other web services before exposing your front-end.
I'm working on a wordpress website installed on my box using WAMP, so I've always typed in 'localhost' into the address bar in order to access the site.
I've always had the apache rewrite module enabled
I then had the idea of allowing people on our LAN to access the site via my LAN IP.
To do this I edited this line of Apache's httpd.conf file (per instructions on this page http://www.sourcecodester.com/tutorials/php/5155/how-access-wampserver-another-computer-lan.html) :
# Controls who can get stuff from this server.
#
# Require all granted
# onlineoffline tag - don't remove
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
Allow from localhost
(I changed 'Deny from all' to 'Allow from all')
Saved the file,
accessed my box via IP on an iPad mini, then another windows PC.
Come back to the machine that is running WAMP and I'm developing the site on, click one of the navigation links on the page, then I get the 500 Internal Server Error
So I can now only see the wamp menu and the site by typing my own IP in. Some images aren't loaded, and I get Error 500 when trying to login by typing my IP with '/wp-admin' after it (meaning that I can't log in to wordpress to edit anything either)
What is the problem here? I really need to be able to access 'localhost' and continue developing the website, but I can not figure this one out!
Thank you
Try to access localhost/your-wp-dir-path/wp-admin/options-general.php and in
WordPress Address (URL) option give value as http://localhost/your-wp-dir-path
I have a site and I want to create a log.txt file which includes all user logs.For example a user logged in anytime and logged out. That is to say,time which users logged in and out. I can make this with database but there would many rows and I don't want it. If I put log.txt file to /logs/log.txt,any user who writes domain.com/log/log.txt to address bar will see that file. How can I prevent this. (I use PHP)
It's true that you can hide files from website visitors using .htaccess, or by putting similar rules in other Apache configuration locations. But this kind of thing is not trivial, and it's easy to make mistakes. The best way to hide files from site visitors is through the directory structure of your project. For instance:
A directory www/ to contain all files website visitors DO need to visit directly with a browser. This will the the directory used as we website root in your Apache configuration. If browsers don't need to fetch a file, it should not be here.
Other directories, like logs/ for logs, lib/ for source code that gets included in your scripts, config/ for settings and configuration files, etc. Since they're not inside of the website root (www/), users cannot point their browsers at any of these files.
If you're on shared hosting, and they only give you one folder that is your website root, then you can't do this. I wouldn't purchase a hosting account from such a company, though, because there are plenty that DO let you put files outside your web root.
Use a .htaccess with
<Files "log.txt">
order deny,allow
deny from all
allow from 1.2.3.4
</Files>
Where 1.2.3.4 is your IP, if you want to be able to acces it from your browser via the site. Else remove that line, so you will only be able to access via FTP or script
You can prevent http access to your log folder by using an .htaccess file that contains
deny from all