Since it's a friday, I can't ask my host about this, but apparently, all the .php pages on my websites are giving out the "Internal Server Error"... this started just now, I was not on my admin cp, I did 0 changes to my website today, in fact, I changed nothing for about a week now.
I host a few forums and got alerted by some users just now who were browsing and suddenly this happens.
The website in question:
cudamine.com
The error:
Internal Server Error
The server encountered an internal
error or misconfiguration and was
unable to complete your request.
Please contact the server
administrator, xxx#email.com and
inform them of the time the error
occurred, and anything you might have
done that may have caused the error.
More information about this error may
be available in the server error log.
Additionally, a 404 Not Found error
was encountered while trying to use an
ErrorDocument to handle the request.
I use cPanel X.
Should I be worried about this? Some sort of attack or something? All HTML pages work fine, it's just .php that seems to have this issue, is this a problem on my hosts end, or can I do anything about this before monday? Thanks guys, and sorry if this is the wrong place to ask. It's just that I don't want to have no site for the whole weekend...
After reading up on the web about similar situations, I found some info on the .htaccess file, I found the file and this is what's in it:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^cudamine.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.cudamine.com$
RewriteRule ^santa\-maria\/forum\/?(.*)$ "http\:\/\/cudamine\.com\/santa\-maria\/\?page_id\=7\/$1" [R=301,L]
Those two RewriteCond are 2 of my links that use php... I tried deleting this file, nothing changed though.
Definitely check the error log (should be available in CPanel).
One common occurrence I see is when a host enables SuPHP (suexec for PHP scripts) and you have group writable scripts or directories containing scripts.
If your error log shows anything like "Apache SoftException", then this is the most likely cause. You need to change the filesystem permissions on your scripts and directories to remove the group "write" bit.
Another possible cause is your host has disabled mod_rewrite or removed the appropriate overrides (FileInfo) to use the Rewrite* directives.
PHP may be writing its error log elsewhere than the standard Apache error_log. You can retrieve the log's location with ini_get('error_log'). If the value's something other than "syslog", PHP is writing its errors to a file of the same name.
Related
I have a php application that I needed to open on a local web server. I'm running Windows 7 on my VM. Have installed php 7.3.6, mysql, apache 2.4.
After some configuration trying to open my "application" with "localhost/application".
Getting "Internal error 500".
In Apache logs can see "C:/WebData/application/.htaccess: Invalid command 'order', perhaps misspelled or defined by a module not included in the server configuration"
In .htaccess I have:
order deny,allow
RewriteEngine On
RewriteBase /
RewriteRule .* index.php?url=$0 [QSA,L]
Change first line into "Require all granted"
Trying to open "localhost/application"
Getting the error "404 URL /index.php" not found
Trying to open "localhost/application/index.php"
Forwarding to "localhost/ru/main"
Getting another error "404 URL .." not found
Also after each request I see that htaccess is changing back into its initial state with "order deny,allow".
Is there something wrong with httpd.conf?
You probably don't run mod_access_compat, which means Order is not available, as it's deprecated in Apache 2.4 (see https://httpd.apache.org/docs/2.4/howto/access.html)
Now, the reason why your .htaccess files get overwritten probably lies in the PHP code you're running. Some applications try to auto-configure themselves and will write their own .htaccess file to make sure they run properly.
The fact this particular app tries to write deprecated commands without checking if the version of Apache you are running is capable of handling them is concerning and probably means it's outdated.
Do a global search on the application files and look for that Order deny, allow rule, I'm pretty sure you'll find the culprit.
If you can run a newer version of that code, do so, and if not, and if patching it manually is an option, change it to Require all granted
I've got a strange problem while trying to add pages to my website.
I'm actually trying to create a "test.php" in my directory, but when I try to access it, I've got
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, contact#mywebsite.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
My .htaccess looks like this :
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.mywebsite\.com [NC]
RewriteRule (.*) http://mywebsite.com/$1 [R=301,L]
Ok now according to your error you posted it appears to be like a ownership issue. chown your web directory from the command line and see what happens.
chown -R apache: /home/krokoweb/public_html/
Note I used the user "apache" as example. Use whatever your web user is for your files. e.g. www-data, apache, httpd etc
See how that works out.
I'm facing a strange situation. For a website some cronjobs are being executed. This all worked well until now; when I try to excecute a cronjob I'm getting no result. For some reason the URL is recognized by .htaccess trying to put it into the site with wrong $_GET parameters. The second parameter is 500. When I try to reach a file which doesn't exist the second parameter becomes 404. So I figured these had to be http response codes.
When using Chrome's Network inspector I see the result for a - should be - working cronjob is a http 500. I'm clueless... Is there any way this might have been set by someone else, by accident, maybe by the ISP somewhere in the php.ini or httpd.conf I can look?
The structure is http://www.domain.com/CronJobs/file.php. I've found out it's only happening for files in the CronJobs folder. Cronjobs are supposed to be executed using wget.
-- Addition
Maybe if it is of any assistance, the rule in the .htaccess being used for the request is:
RewriteCond %{REQUEST_URI} !^(.*)FCKEditor(.*)$
RewriteRule ^(.*).html$ /index.php?pageId=LandingPage&Alias=$1 [L]
Obviously no rule should be used and the server should just serve the PHP-file being asked for.
-- Second addition
I also tried to empty the .htaccess-file and then request the cronjob. I still get the error 500. Only this time being served from the PHP-file itself, not from the index.php (which is was used by the original .htaccess contents).
Found the issue, hope this answer helps someone out in the future.
Okay, this one was a bit distracting to find but I found my problem. Permissions.
I've set the folderpermission to 777 while the folder may not be writeable. I've changed to permissions back to 755 and it's working again.
The errors in the logs were all like: [Mon Oct 21 20:00:01 2013] [warn] Directory "/home/accountname/domains/domain.com/public_html/CronJobs" is writeable by group
After searching based on that error I came across https://my.hostmonster.com/cgi/help/594 and that's where I saw the permission issue.
(I've set the permissions previously to 777 for a simple lockfile).
I was looking for this over google and found just one thing repeated on every single website.
Edit your .htaccess and add this line:
ErrorDocument 404 /yourpage.php
So for example my page is error.php so it is obvious that it should be:
ErrorDocument 404 /error.php
However even if I type full domain name it doesnt works. It gives me Internal Server Error only and I have no ideas how to make it.
Any tips? Thanks.
EDIT No.1:
I am not quite sure where do I check for these "Apache" logs.
Btw here is full ISE Message:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, *webmaster#mydomainname.com* and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
Also I have tried making error.html and doesnt works. And also I Do not use any other rewrites in htaccess.
Then your webserver does not support this option...
Look into your http.conf and search for
AllowOverride <value>
If it is not equal FileInfo or all configuring error documents is not allowed.
Change it to All to make it work (and restart Apache afterwards)
If you do not have access to the http.conf, ask your Provider to allow custom error documents.
Typical web-applications call a default single server object (e.g. a PHP script) each time a request comes in. In case Apache fails to find an applicable script or resource, Apache tries to deliver an error page.
Alternatively, one may design an web-app in such a way, that no scripts or resources exist in the vHost's htdocs/root directory. Thus, each request would force Apache to deliver an error page.
If we define a server-side script as the standard error handler, any URL will trigger the script. Thus, the single script would be the single point of action.
Is anybody aware of reasons, why this approach is wrong?
It seems that the page called by the ErrorHandler statement doesn't have access to form data such as $_GET, $_POST, $_REQUEST, $_COOKIE (at least in my install of Apache/PHP).
After daring a journey into the pit of hell that is Apache mod_rewrite I eventually escaped with the following incantation, which seems to work for me:
<Directory /same/as/document/root/>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule /* index.php
</Directory>
The first line enables mod_rewrite.
The second line sets the rewrite base to the document root, i.e. so that URLs of all subdirectories are processed.
The third line sets a condition such that the rule is only activated if the requested filename ("%{REQUEST_FILENAME}") doesn't exists ("!-f").
The fourth line matches all paths starting with a "/" and redirects them to index.php.
Disclaimer: I know very, very, little about both Perl regular expressions and Apache mod_rewrite.
Just beware that the user may type in a URL path of the form:
/some_directory/ or /some_directory
so you may have to handle both cases.
My guess is that this is a penalty for the webserver.
Each time a resource is requested, it searches the filesystem for a file and if it doesn't find one, the error handler script is searched and run.
And if for some reason PHP fails, you do not get any error pages anymore and Apache will log something like an error occurred and another one while handling the error in the error handler.
You could do it, but you'd probably have to jump through some hoops to get the original URL, and to avoid sending HTTP error codes. If your goal is to use PHP for all requests, you'd probably be better off using mod_rewrite.