I'm facing a strange situation. For a website some cronjobs are being executed. This all worked well until now; when I try to excecute a cronjob I'm getting no result. For some reason the URL is recognized by .htaccess trying to put it into the site with wrong $_GET parameters. The second parameter is 500. When I try to reach a file which doesn't exist the second parameter becomes 404. So I figured these had to be http response codes.
When using Chrome's Network inspector I see the result for a - should be - working cronjob is a http 500. I'm clueless... Is there any way this might have been set by someone else, by accident, maybe by the ISP somewhere in the php.ini or httpd.conf I can look?
The structure is http://www.domain.com/CronJobs/file.php. I've found out it's only happening for files in the CronJobs folder. Cronjobs are supposed to be executed using wget.
-- Addition
Maybe if it is of any assistance, the rule in the .htaccess being used for the request is:
RewriteCond %{REQUEST_URI} !^(.*)FCKEditor(.*)$
RewriteRule ^(.*).html$ /index.php?pageId=LandingPage&Alias=$1 [L]
Obviously no rule should be used and the server should just serve the PHP-file being asked for.
-- Second addition
I also tried to empty the .htaccess-file and then request the cronjob. I still get the error 500. Only this time being served from the PHP-file itself, not from the index.php (which is was used by the original .htaccess contents).
Found the issue, hope this answer helps someone out in the future.
Okay, this one was a bit distracting to find but I found my problem. Permissions.
I've set the folderpermission to 777 while the folder may not be writeable. I've changed to permissions back to 755 and it's working again.
The errors in the logs were all like: [Mon Oct 21 20:00:01 2013] [warn] Directory "/home/accountname/domains/domain.com/public_html/CronJobs" is writeable by group
After searching based on that error I came across https://my.hostmonster.com/cgi/help/594 and that's where I saw the permission issue.
(I've set the permissions previously to 777 for a simple lockfile).
Related
I am on shared host and PHP is inatalled as CGI script and that is all the problem i am not able to find whether mod_rewrite if enable or not
Note: I don't have any root level access so i can't much do with Shell.
I have tried the following :
1) checked in phpinfo() where i came to know about that this is the wrong place to look for in PHP-CGI.
2) I have tried getting it from apache_get_modules which agi does not work in PHP-CGI :(
3) I have tried :
if (strpos(shell_exec('/usr/local/apache/bin/apachectl -l'), 'mod_rewrite') !== false) {
// mod_rewrite is enabled
}
which is asking for path to apache and i dont have this info SHELL cant reply to me and $_SERVER has nothing.
4) I have checked with RewriteEngine On in .htaccess and after this my site is throwing 500 Internal server error may be because of RewriteEngine is not there, but i need this is written to show someone.
Any body has any idea how to check get this DONE.
Thanks
With PHP CGI there is no easy way to find out whether mod_rewrite is available or not on the server.
So, you need to find out it by making a test call to the server. You can use the following steps for this method,
Create a directory named mod_rewrite_test on the server.
Add .htaccess file in this directory with the following code,
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /mod_rewrite_test
RewriteRule .* mod_rewrite_test.txt
</IfModule>
a. first line tells apache to execute the below code only if mod_rewrite is available,
b. second line enables rewrite engine,
c. third line sets rewrite base directory path which is from DOCUMENT_ROOT
d. forth line returns the content of mod_rewrite_test.txt file to any request sent to mod_rewrite_test directory.
Create a file named mod_rewrite_test.txt in the same directory. Write ok in this file and save it.
Now, using CURL in your php script, call the URL similar to,
http://www.your-domain.com/mod_rewrite_test/test.php
and check the response.
So, as per our .htaccess code, if mod_rewrite is active and working on the server,
it will return the content of mod_rewrite_test.txt file i.e. ok even though the test.php file does not exists.
Otherwise, it will return 404 - Page not found error.
To check if mod_rewrite module is enabaled, create a new php file in your root folder of your server. Enter the following
echo phpinfo();
And access file in your browser.
I have this .htaccess on my Windows dev machine and everything works fine
RewriteEngine On
RewriteRule ^(.+[^/])/$ http://%{HTTP_HOST}/webserv/$1 [R=301,L]
RewriteRule ^login/([0-9]+)/([0-9]+)$ login.php?par1=$1&par2=$2 [L,NC,QSA]
When I upload it on my Centos server I get the error
404 The requested URL path_to_script/login.php was not found on this server.
I cannot understand why this is. The file is definitely there and I gave permissions 777.
I have checked if the .htaccess is actually used by adding rubbish in it and getting an internal error (500) which means that it is working.
Also when I use .htaccess to make restrictions on IPs that have access to the directory it works. mod_rewrite is loaded as shown in the phpinfo() I have tried.
I am at a loss here.
EDIT
I noticed that it tries to search in the base_path appending it to the root path e.g.
/path_to_script/path_to_script/login.php
And that is why it fails. How do I solve this?
I finally solved it but in a way that I am not sure I like. At least it works. If someone has a better solution I would be glad to see it.
RewriteRule ^login/([0-9]+)/([0-9]+)$ http://host/webserv/login.php?par1=$1&par2=$2
The reason I don't like this solution is because I does not give a pretty url. It just redirects.
I still do not understand why I get the root directory appended to the request if I instead write:
RewriteRule ^login/([0-9]+)/([0-9]+)$ login.php?par1=$1&par2=$2
I have a weird problem. I develop my sites on localhost and after that i distribute it server side. Most of the time this is working as expected but now notice something weird and cannot figure out what the problem is.
On the server all RewriteRule redirects but without expected queries. Something like this is working fine on localhost but not on the server:
RewriteEngine On
....
....
RewriteRule .....
EDIT: Changed entries for security reasons, sorry!
....
....
Does anybody knows what is going on? Do i miss something? Why are the queries not passed thru? Is it a server configuration? Cannot find anything about it on the internet.
Thank you for your comments.
EDIT: SOLUTION below, second comment. Has something to do with what apache handles first.
#Erwinus, the "Perdir" functionality that you discuss is standard in Apache but not well understood. Apache will probe for, then open and read all existing .htaccess files on the path to a script filename. (Ignoring the RewriteOptions inherit chase which is rarely chosen) it uses the deepest .htaccess file that it finds that has RewriteEngine On.
I would therefore differ from Mario's view in that IMHO its almost impossible to get a parent directories rewrite rules to preempt a child directory set -- the default action of Apache is to ignore the parent. I explain in a more detail in this blog article.
These things are nearly impossible to debug. But mod_rewrite offers one feature that you should set up to investigate this:
RewriteLog /tmp/rewritelog.txt
RewriteLogLevel 2
The RewriteLog directive however cannot be used from .htaccess. You need to declare it in the vhost or main server configuration. If level 2 is still insufficient, then try 3.
Otherwise I'd just would advise you to try a RewriteBase, since you seem to match varying directory levels with your rules. Possibly repeat your rules in the subdirectories (streambutler/) again. Apaches mod_rewrite is peculiar and ignores them in the parent dir sometimes.
I have a form with many inputs. Some named "date", "type" etc.
The form action points to http://www.xxx.com/admin/links/create, via POST.
When I try to submit it (having required fields populated correctly), I get a 403 response.
In the following cases, I get either 302 or 200 response codes (depending on log-in cookie):
plain http://www.xxx.com/admin/links/create URL in address bar (I know that's GET);
using websniffer (GET & POST)
curl/wget from local
I checked the permissions, the .htaccess (I only have FTP access to web-root) and various other places and everything looks fine.
I hope it's not naming collision of the inputs (actually, I do hope so, because that'll be easy to fix).
All the above happen in production, which is Linux (Apache/2.0.51 on Fedora). Everything works fine on local, which is Windows. Don't tell me it's permissions...
Does somebody know what could be the cause for this - in my own perception - strange behavior?
Culprit: Apache's mod_security.
I didn't have that module installed in my Windows machine (that's why it worked locally), but the server had it installed.
Here's what I did:
I checked the access logs. Found this:
[...] mod_security: Access denied with code 403. Pattern match "!(^application/x-www-form-urlencoded$|^multipart/form-data;)" at HEADER("Content-Type") [...] [uri "/admin/links/create"] [...]
As I don't know how to handle mod_security (yet!), I removed it altogether, and it worked. In your .htaccess:
<IfModule mod_security.c>
SecFilterInheritance Off
</IfModule>
Of course, you can pin-point your Apache targets only to apply that rule to certain files/folders using directives.
Some links that might help:
http://community.mybb.com/showthread.php?tid=7592
http://wordpress.org/support/topic/upgrade-to-22-dashboard-not-working
http://energy-4-3.com/uncategorized/mod_security-access-denied-with-code-403-pattern-match-http/
http://www.modsecurity.org/ (homepage)
Since it's a friday, I can't ask my host about this, but apparently, all the .php pages on my websites are giving out the "Internal Server Error"... this started just now, I was not on my admin cp, I did 0 changes to my website today, in fact, I changed nothing for about a week now.
I host a few forums and got alerted by some users just now who were browsing and suddenly this happens.
The website in question:
cudamine.com
The error:
Internal Server Error
The server encountered an internal
error or misconfiguration and was
unable to complete your request.
Please contact the server
administrator, xxx#email.com and
inform them of the time the error
occurred, and anything you might have
done that may have caused the error.
More information about this error may
be available in the server error log.
Additionally, a 404 Not Found error
was encountered while trying to use an
ErrorDocument to handle the request.
I use cPanel X.
Should I be worried about this? Some sort of attack or something? All HTML pages work fine, it's just .php that seems to have this issue, is this a problem on my hosts end, or can I do anything about this before monday? Thanks guys, and sorry if this is the wrong place to ask. It's just that I don't want to have no site for the whole weekend...
After reading up on the web about similar situations, I found some info on the .htaccess file, I found the file and this is what's in it:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^cudamine.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.cudamine.com$
RewriteRule ^santa\-maria\/forum\/?(.*)$ "http\:\/\/cudamine\.com\/santa\-maria\/\?page_id\=7\/$1" [R=301,L]
Those two RewriteCond are 2 of my links that use php... I tried deleting this file, nothing changed though.
Definitely check the error log (should be available in CPanel).
One common occurrence I see is when a host enables SuPHP (suexec for PHP scripts) and you have group writable scripts or directories containing scripts.
If your error log shows anything like "Apache SoftException", then this is the most likely cause. You need to change the filesystem permissions on your scripts and directories to remove the group "write" bit.
Another possible cause is your host has disabled mod_rewrite or removed the appropriate overrides (FileInfo) to use the Rewrite* directives.
PHP may be writing its error log elsewhere than the standard Apache error_log. You can retrieve the log's location with ini_get('error_log'). If the value's something other than "syslog", PHP is writing its errors to a file of the same name.