I have searched everywhere for an answer to this, without success.
I have PHP installed on my OSX web server. When I access myserver.com/test.php everything works perfectly.
However, I have a subdirectory protected by mod_shib and shibd called /shibboleth/
When I put the exact same test.php file into /shibboleth/ it is served back to the browser rather than interpreted. I have messed with a million combinations of AddType and AddHandler; I've checked that I'm using
Here is the relevant part of my httpd.conf file:
<VirtualHost *:443>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
ServerName jeesty.homeip.net
DocumentRoot "/Library/WebServer/Safe"
DirectoryIndex index.html index.php
DefaultType text/plain
AddType application/x-httpd-php .php
AddHandler application/x-httpd-php .php
<Directory "/Library/WebServer/Safe/">
DirectoryIndex index.html index.php
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
php_admin_flag engine on
</Directory>
<Location /shibboleth/>
SetHandler shib
AuthType shibboleth
ShibRequestSetting requireSession 1
Require valid-user
php_admin_flag engine on
</Location>
</VirtualHost>
If the directory is literally /shibboleth, then it's outside the document root of /Library/WebServer, and as such won't inherit a bunch of important configuration directives declared elsewhere in httpd.conf.
Related
I have setup a lot of Virtual Hosts in Ubuntu but today I needed to do this on a CentOS 7 server. I installed Apache and setup the VHost config but nothing appears when I view the site.
I know that Apache is reading my Config files because if I add a fault in it and restart Apache, it complains about the error. Is there something "else" that is needed on CentOS 7?
What kind of virtualhosts are you trying to achieve? name based I guess.
If you are not running on version 2.4> then you need to enable the name virtual host directive for the IP:PORT pair
NameVirtualHost *:80
The different behavior can depend on the different versions of the Apache servers shipped with the distro.
If not, it could be depending on selinux labels not being set properly. In this case anyway, you would get a permission error. Honestly I don't believe this is the case.
This is the settings that I use on a CentOS 7.3.1611 running Apache 2.4.6 I normally use virtualmin / webmin for configuration, but I have looked at the httpd.conf The basic settings that are in my config are
<VirtualHost xxx.xxx.xxx.xxx:80>
SuexecUserGroup "#502" "#502"
ServerName grid.hosted-systems.co.uk
ServerAlias www.grid.hosted-systems.co.uk
ServerAlias webmail.grid.hosted-systems.co.uk
ServerAlias admin.grid.hosted-systems.co.uk
DocumentRoot /home/grid/public_html
ErrorLog /var/log/grid.hosted-systems.co.uk_error_log
CustomLog /var/log/grid.hosted-systems.co.uk_access_log combined
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/grid/public_html>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
AddType application/x-httpd-php .php
AddHandler fcgid-script .php
AddHandler fcgid-script .php5
FCGIWrapper /home/grid/fcgi-bin/php5.fcgi .php
FCGIWrapper /home/grid/fcgi-bin/php5.fcgi .php5
</Directory>
<Directory /home/grid/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.grid.hosted-systems.co.uk
RewriteRule ^(.*) https://grid.hosted-systems.co.uk:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.grid.hosted-systems.co.uk
RewriteRule ^(.*) https://grid.hosted-systems.co.uk:10000/ [R]
RemoveHandler .php
RemoveHandler .php5
php_admin_value engine Off
FcgidMaxRequestLen 1073741824
Alias /dav /home/grid/public_html
<Location /dav>
DAV on
AuthType Basic
AuthName "grid.hosted-systems.co.uk"
AuthUserFile /home/grid/etc/dav.digest.passwd
Require valid-user
ForceType text/plain
Satisfy All
RemoveHandler .php
RemoveHandler .php5
RewriteEngine off
</Location>
<Files awstats.pl>
AuthName "grid.hosted-systems.co.uk statistics"
AuthType Basic
AuthUserFile /home/grid/.awstats-htpasswd
require valid-user
</Files>
</VirtualHost>
<VirtualHost xxx.xxx.xxx.xxx:80>
SuexecUserGroup "#500" "#500"
ServerName mirrors.hosted-systems.co.uk
ServerAlias www.mirrors.hosted-systems.co.uk
ServerAlias webmail.mirrors.hosted-systems.co.uk
ServerAlias admin.mirrors.hosted-systems.co.uk
DocumentRoot /home/hosted-systems/domains/mirrors.hosted-systems.co.uk/public_html
ErrorLog /var/log/virtualmin/mirrors.hosted-systems.co.uk_error_log
CustomLog /var/log/virtualmin/mirrors.hosted-systems.co.uk_access_log combined
ScriptAlias /cgi-bin/ /home/hosted-systems/domains/mirrors.hosted-systems.co.uk/cgi-bin/
ScriptAlias /awstats/ /home/hosted-systems/domains/mirrors.hosted-systems.co.uk/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/hosted-systems/domains/mirrors.hosted-systems.co.uk/public_html>
Options +Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
AddType application/x-httpd-php .php
AddHandler fcgid-script .php
AddHandler fcgid-script .php5
FCGIWrapper /home/hosted-systems/domains/mirrors.hosted-systems.co.uk/fcgi-bin/php5.fcgi .php
FCGIWrapper /home/hosted-systems/domains/mirrors.hosted-systems.co.uk/fcgi-bin/php5.fcgi .php5
</Directory>
<Directory /home/hosted-systems/domains/mirrors.hosted-systems.co.uk/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
Alias "/centos" "/home/shared/CentOS"
<Directory "/home/shared/CentOS">
Options +Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
Require all granted
HeaderName HEADER.html
</Directory>
Alias "/centos/" "/home/shared/CentOS/"
<Directory "/home/shared/CentOS/">
Options +Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
IndexOptions FancyIndexing FoldersFirst NameWidth=* DescriptionWidth=*
Require all granted
HeaderName HEADER.html
</Directory>
</VirtualHost>
The settings here set up two virtual websites using port 80 and bound to the same single IP , this is accessable by using http://servername or http://ServerAlias The DocumentRoot is the location of the files to be servers.
The second VirtualServer is basically the same set up, but it also shows how the Alias section can be used to pull documents from outside the main directory.
As a side note, if anyone spots any vunerabilities in what is posted, let me know or edit and let me know.
Amber-Marie
So the answer to this was that the CentOS server had (by default) blocked the HTTP port 80. This really seems a bit silly but as soon as I allowed the firewall to open these ports for the web traffic, all worked fine:
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
I try firewall-cmd --add-service=http on Centos 7.5 and it work
I have setup a website with ISPConfig.
In that website root I made symlink test/ -> /var/test/
/var/test/ contains two files - test.php and test.html. test.html works fine, but when I try to run test.php I get a white page with text No input file specified.
My website is auto-configured by ISPConfig running Apache 2.2.22. Here is an excerpt from config - please ask if you need to see more:
<VirtualHost *:80>
<Directory /var/www/clients/client1/web2/web>
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<FilesMatch "\.ph(p3?|tml)$">
SetHandler None
</FilesMatch>
<Directory /var/www/clients/client1/web2/web>
AddHandler fcgid-script .php .php3 .php4 .php5
FCGIWrapper /var/www/php-fcgi-scripts/web2/.php-fcgi-starter .php
Options +ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Solved by setting AddHandler application/x-httpd-php .php in top of .htaccess
I am hosting my application on AWS server. I configured Virtualmin on it and created a new virtual server - mydomain.td.lr, and it created a user - mydomain.
I configured a virtual host for it too from the virtualmin interface.
<VirtualHost *:80>
SuexecUserGroup "#500" "#500"
ServerName mydomain.td.lr
ServerAlias www.mydomain.td.lr
ServerAlias webmail.mydomain.td.lr
DocumentRoot /var/www/public_html/mydomain
ErrorLog /var/log/virtualmin/mydomain.td.lr_error_log
CustomLog /var/log/virtualmin/mydomain.td.lr_access_log combined
ScriptAlias /cgi-bin/ /home/mydomain/cgi-bin/
ScriptAlias /awstats/ /home/mydomain/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /var/www/public_html/mydomain>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
AddType application/x-httpd-php .php
AddHandler fcgid-script .php
AddHandler fcgid-script .php5
FCGIWrapper /home/mydomain/fcgi-bin/php5.fcgi .php
FCGIWrapper /home/mydomain/fcgi-bin/php5.fcgi .php5
</Directory>
<Directory /home/mydomain/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.mydomain.td.lr
RewriteRule ^(.*) https://mydomain.td.lr:20000/ [R]
RemoveHandler .php
RemoveHandler .php5
php_admin_value engine Off
IPCCommTimeout 31
FcgidMaxRequestLen 1073741824
Alias /dav /home/mydomain/public_html
Alias /pipermail /var/lib/mailman/archives/public
<Location /dav>
DAV on
AuthType Basic
AuthName "mydomain.td.lr"
AuthUserFile /home/mydomain/etc/dav.digest.passwd
Require valid-user
ForceType text/plain
Satisfy All
RemoveHandler .php
RemoveHandler .php5
RewriteEngine off
</Location>
<Files awstats.pl>
AuthName "mydomain.td.lr statistics"
AuthType Basic
AuthUserFile /home/mydomain/.awstats-htpasswd
require valid-user
</Files>
RedirectMatch /cgi-bin/mailman/([^/\.]*)(.cgi)?(.*) https://mydomain.td.lr:10000/virtualmin-mailman/unauthenticated/$1.cgi$3
RedirectMatch /mailman/([^/\.]*)(.cgi)?(.*) https://mydomain.td.lr:10000/virtualmin-mailman/unauthenticated/$1.cgi$3
</VirtualHost>
This got appended to the httpd.conf.
When I open my application at mydomain.td.lr, the application shows up; but when I open phpmhyadmin, I see a php code there.
Also, when I see source code of phpmyadmin page, all the php code is commented out and code inside html which is php is being shown
I reinstalled phpmyadmin on the server, but still no success.
What went wrong with the configuration???
Removing these two lines does the job for me.
RemoveHandler .php
RemoveHandler .php5
Have you made modification in apache.conf which exists in /etc/phpmyadmin folder?
I think you have to also make entry in phpmyadmin apache.conf and make sure that short tag is not commented in php.ini file.
Hope this will help.
In my case it was
php_admin_value engine Off
in httpd.config Virtual host section.
Once disabled,
# php_admin_value engine Off
everything (virtual sites, phpMyAdmin) worked just fine.
Consider security issue, but mod_php could be enabled either in custom or default template > Apache_website under Virtualmin Server Template
I need to desactivate mod_php on a vhost and let it working for other vhosts, I need to disable it in order to activate suphp.
here is the vhost config :
Options +Indexes
ServerName www.native.org
ServerAlias native.org
DocumentRoot /home/user/www/native/current
ServerAdmin info#native.org
UseCanonicalName Off
CustomLog /var/log/apache2/native_access.log combined
ErrorLog /var/log/apache2/native_error.log
<Directory /home/user/www/native/current>
RemoveHandler .php
AllowOverride All
Options FollowSymLinks
Order allow,deny
allow from all
</Directory>
suPHP_Engine on
SuexecUserGroup user native
<IfModule mod_suphp.c>
suPHP_UserGroup user native
AddHandler x-httpd-php .php .php3 .php4 .php5
suPHP_AddHandler x-httpd-php
</IfModule>
NB: mod_php is activated by default for all vhosts
You don't have to remove handlers, types or to turn PHP's engine off.
In your <VirtualHost ...> add the following lines:
<FilesMatch \.php$>
SetHandler None
</FilesMatch>
In this way, you will remove the handler added by /etc/httpd/conf.d/php.conf (or php5.conf, or whatever) which says:
#
# Cause the PHP interpreter to handle files with a .php extension.
#
<FilesMatch \.php$>
SetHandler application/x-httpd-php
</FilesMatch>
Edit: It's better also to disable PHP's engine according to suphp.conf file:
# Disable php when suphp is used, to avoid having both.
<IfModule mod_php5.c>
php_admin_flag engine off
</IfModule>
Your site will run under suPHP now. (Also, if you have installed phpMyAdmin in /usr/share/phpMyAdmin, it will work under mod_php, which is great.)
At the end, take a look of one of my VirtualHosts configuration:
<VirtualHost 1.2.3.4:80>
ServerName site.com
ServerAlias www.site.com
ServerAdmin admin#site.com
DocumentRoot /home/site/public_html
Options -Indexes
suPHP_Engine on
suPHP_UserGroup site site
suPHP_ConfigPath "/home/site/public_html"
suPHP_AddHandler x-httpd-php
AddHandler x-httpd-php .php .php3 .php4 .php5
# Remove the handler added by php.conf
<FilesMatch \.php$>
SetHandler None
</FilesMatch>
# Disable php when suphp is used, to avoid having both.
<IfModule mod_php5.c>
php_admin_flag engine off
</IfModule>
ErrorLog "|cronolog /home/site/.logs/error_%Y_%m.log"
CustomLog "|cronolog /home/site/.logs/access_%Y_%m.log" combined
</VirtualHost>
Final Note:
If your phpMyAdmin located in /usr/share/phpMyAdmin is not working, add the following lines at the end of your httpd.conf or in your master VirtualHost:
<Directory /usr/share/phpMyAdmin>
<FilesMatch \.php$>
SetHandler application/x-httpd-php
</FilesMatch>
<IfModule mod_php5.c>
php_admin_flag engine on
</IfModule>
</Directory>
For example:
<VirtualHost 1.2.3.4:80>
ServerAdmin admin#master-site.com
DocumentRoot /var/www/html
Options -Indexes
<Directory /usr/share/phpMyAdmin>
<FilesMatch \.php$>
SetHandler application/x-httpd-php
</FilesMatch>
<IfModule mod_php5.c>
php_admin_flag engine on
</IfModule>
</Directory>
ErrorLog "|cronolog /var/www/.logs/error_%Y_%m.log"
CustomLog "|cronolog /var/www/.logs/access_%Y_%m.log" combined
</VirtualHost>
You should be able to do
<Directory /home/user/www/native/current>
RemoveHandler .php .phtml .php3 .php5
RemoveType .php .phtml .php3 .php5
php_flag engine off
AllowOverride All
Options FollowSymLinks
Order allow,deny
allow from all
</Directory>
Im using Virtualmin on top of Webmin to configure my websites on a VPS.
Everything worked fine, but now I try to create a new domain, but when I put files in its public_html it gives the php-files to download instead of executing it. How to solve this
These is my apache config (can't find anything strange):
/etc/apache2/sites-available/testbyc.--.nu.conf
SuexecUserGroup "#1009" "#1011"
ServerName testbyc.--.nu
ServerAlias www.testbyc.--.nu
ServerAlias webmail.--.--.nu
ServerAlias admin.testbyc.--.nu
DocumentRoot /home/byc/domains/testbyc.--.nu/public_html
ErrorLog /var/log/virtualmin/testbyc.--.nu_error_log
CustomLog /var/log/virtualmin/testbyc.--.nu_access_log combined
ScriptAlias /cgi-bin/ /home/byc/domains/testbyc.--.nu/cgi-bin/
ScriptAlias /awstats/ /home/byc/domains/testbyc.--.nu/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/byc/domains/testbyc.--.nu/public_html>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
AddHandler fcgid-script .php
AddHandler fcgid-script .php5
FCGIWrapper /home/byc/domains/testbyc.--.nu/fcgi-bin/php5.fcgi .php
FCGIWrapper /home/byc/domains/testbyc.--.nu/fcgi-bin/php5.fcgi .php5
</Directory>
<Directory /home/byc/domains/testbyc.--.nu/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.testbyc.--.nu
RewriteRule ^(.*) https://testbyc.--.nu:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.testbyc.--.nu
RewriteRule ^(.*) https://testbyc.--.nu:10000/ [R]
php_admin_value engine Off
IPCCommTimeout 31
FcgidMaxRequestLen 1073741824
<Files awstats.pl>
AuthName "testbyc.--.nu statistics"
AuthType Basic
AuthUserFile /home/byc/domains/testbyc.--.nu/.awstats-htpasswd
require valid-user
</Files>
RedirectMatch /cgi-bin/mailman/([^/\.]*)(.cgi)?(.*) https://testbyc.--.nu:10000/virtualmin-mailman/unauthenticated/$1.cgi$3
RedirectMatch /mailman/([^/\.]*)(.cgi)?(.*) https://testbyc.--.nu:10000/virtualmin-mailman/unauthenticated/$1.cgi$3
Alias /pipermail /var/lib/mailman/archives/public
Try commenting out the line
php_admin_value engine Off
It's related to a larger issue that I'm still researching, but a recent update to Virtualmin added that line to some FCGI-related config files, breaking some things for some users.
As the accepted answer has said comment out
php_admin_value engine Off
We had this issue moving a site from one Virtualmin Install with PHP 5.X to a new server with PHP 7.1.
What had happened is that the default configuration for PHP7.1 had the following
<IfModule mod_userdir.c>
<Directory /home/*/public_html>
php_admin_flag engine Off
</Directory>
</IfModule>
This stopped virtualmin from running PHP scripts in users directories by adding that flag to all the local .conf files.
The php7.conf file /etc/apache2/mods-available/php7.conf also had the following
SetHandler application/x-httpd-php
This was causing all child sites to run with the process www-data and not the virtualmin user. Causing write access errors. So comment that out also.