Apache2, php5, userdir - nie czyta php - pra dost

klito · Post autor: **klito** » 05 czerwca 2010, 00:25

Witam.
Mam problemik ostatnio Instalowałem Apache2, php5, mod_usedir, wszystko byłoby pięknie gdyby nie to, że serwer nie czyta php np. mam pliki index.php, a serwer informuje mnie, że (403)

Kod: Zaznacz cały

[B]Forbidden[/B]

 You don't have permission to access /index.php on this server.

Myślę, że chodzi tu i o prawa dostępu ale nie wiem dokładnie.
Pomożecie?

//Wina leżała w /etc/apache2/mods-enabled/php5.conf
Pomogło
Plik php5.conf

Kod: Zaznacz cały

<IfModule mod_php5.c>
    <FilesMatch "\.ph(p3?|tml)$">
    SetHandler application/x-httpd-php
    </FilesMatch>
    <FilesMatch "\.phps$">
    SetHandler application/x-httpd-php-source
    </FilesMatch>
    # To re-enable php in user directories comment the following lines
    # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it
    # prevents .htaccess files from disabling it.
#    <IfModule mod_userdir.c>
#        <Directory /home/*/public_html>
#            php_admin_value engine Off
#        </Directory>
#    </IfModule>
</IfModule>

sigo · Post autor: **sigo** » 05 czerwca 2010, 11:34

Na foldery nadaj testowo (jeśli masz inne) 755, a na pliki 644. ja obstawiam błędnie skonfigurowaną ścieżkę, która wskazuje na położenie strony.

klito · Post autor: **klito** » 05 czerwca 2010, 13:42

Zrobiłem tak jak Ty mówisz i lipa, a ze ścieżką to o co Ci chodzi? VirtualHosty?

lessmian2 · Post autor: **lessmian2** » 05 czerwca 2010, 14:20

Pokaż konfig i logi. Podaj też ścieżkę jaką wpisujesz w przeglądarce i położenie pliku index.php.

klito · Post autor: **klito** » 05 czerwca 2010, 16:13

Ścieżka to: /home/cs/public_html, a tu konfig Apache2:

Kod: Zaznacz cały

ServerRoot "/etc/apache2"

#<IfModule !mpm_winnt.c>
#<IfModule !mpm_netware.c>
LockFile /var/lock/apache2/accept.lock
#</IfModule>
#</IfModule>

PidFile ${APACHE_PID_FILE}

Timeout 300

KeepAlive On

MaxKeepAliveRequests 100

KeepAliveTimeout 15

<IfModule mpm_prefork_module>
    StartServers          2
    MinSpareServers       5
    MaxSpareServers      10
    MaxClients          10
    MaxRequestsPerChild   0
</IfModule>

#worker
<IfModule mpm_worker_module>
    StartServers          2
    MaxClients           15
    MinSpareThreads      25
    MaxSpareThreads      35 
    ThreadsPerChild      25
    MaxRequestsPerChild   0
</IfModule>


User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

#

#

AccessFileName .htaccess

#

#
<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

DefaultType text/plain
#
HostnameLookups Off

#
LogLevel warn


Include /etc/apache2/mods-enabled/*.load
Include /etc/apache2/mods-enabled/*.conf

Include /etc/apache2/httpd.conf

Include /etc/apache2/ports.conf

LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

CustomLog /var/log/apache2/other_vhosts_access.log vhost_combined

# Include generic snippets of statements
Include /etc/apache2/conf.d/

# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/

Logi

error.log:

Kod: Zaznacz cały

[Sat Jun 05 11:27:04 2010] [notice] FastCGI: process manager initialized (pid 11290)
[Sat Jun 05 11:27:05 2010] [notice] Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_ldap_userdir/1.1.14 PHP/5.2.6-1+lenny8 with Suhosin-Patch configured -- resuming normal operations
[Sat Jun 05 11:27:21 2010] [error] [client 83.26.232.72] File does not exist: /home/cs/public_html/favicon.ico
[Sat Jun 05 11:27:24 2010] [error] [client 83.26.232.72] File does not exist: /home/cs/public_html/favicon.ico
[Sat Jun 05 11:31:18 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 11:31:38 2010] [error] [client 78.46.99.54] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 11:40:39 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 11:48:54 2010] [error] [client 217.195.204.194] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 11:49:54 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 11:50:56 2010] [error] [client 78.46.99.54] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 11:59:29 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:08:56 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:10:15 2010] [error] [client 78.46.99.54] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:16:18 2010] [error] [client 217.195.204.194] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:18:17 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:24:01 2010] [error] [client 87.106.89.91] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:27:44 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:29:34 2010] [error] [client 78.46.99.54] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:37:15 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:44:01 2010] [error] [client 217.195.204.194] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:46:31 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:48:53 2010] [error] [client 78.46.99.54] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 12:55:53 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 13:05:12 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 13:08:12 2010] [error] [client 78.46.99.54] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 13:13:00 2010] [error] [client 217.195.204.194] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 13:15:00 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 13:24:25 2010] [error] [client 80.246.51.178] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 13:24:37 2010] [error] [client 87.106.89.91] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 13:27:58 2010] [error] [client 78.46.99.54] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 13:42:47 2010] [error] [client 217.195.204.194] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 13:47:17 2010] [error] [client 78.46.99.54] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)
[Sat Jun 05 14:06:35 2010] [error] [client 78.46.99.54] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind :)

Jak coś to napisz co jeszcze podać.
IP serwera: 94.23.92.140 (ovh Francja).

Katalog /home/cs/public_html ma ustawiony chmod 755
chcesz konf. mod_userdir ?

Kod: Zaznacz cały

<IfModule mod_userdir.c>
        UserDir public_html
        UserDir enabled root

        <Directory /home/*/public_html>
                AllowOverride FileInfo AuthConfig Limit Indexes
                Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
                <Limit GET POST OPTIONS>
                        Order allow,deny
                        Allow from all
                </Limit>
                <LimitExcept GET POST OPTIONS>
                        Order deny,allow
                        Deny from all
                </LimitExcept>
        </Directory>
</IfModule>

i masz VirtualHosta nie wiem czy w czymś to pomoże ale ..

Kod: Zaznacz cały

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    
    DocumentRoot /home/cs/public_html/
    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>
    <Directory /home/cs/public_html/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
        AllowOverride None
        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>

    ErrorLog /var/log/apache2/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog /var/log/apache2/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

</VirtualHost>

Post autor: **Yampress** » 05 czerwca 2010, 16:29

To nie cały konfig apache, nawet brak wycinku części konfigu dla modułu katalogów użytkowników.
Jak wygląda konfiguracja apache i uprawnienia dla tego katalogu, w którym jest ten plik?

Na pewno ten moduł: mod-ldap-userdir?

klito · Post autor: **klito** » 05 czerwca 2010, 16:46

A odnośnie mod-ldap-userdir to mam tylko plik mod-ldap-userdi.load, a konfigu nie.

sigo · Post autor: **sigo** » 06 czerwca 2010, 12:10

Jakie uprawnienia nadałeś: /, /home, /home/cs/ oraz /home/cs/public_html/?

P.s. Boty skanują Ci serwer.

Post autor: **Yampress** » 06 czerwca 2010, 12:14

Nie chodziło mi o konfig tylko o zły plik modułu do apache ldap

Package libapache2-mod-ldap-userdir
lenny (stable) (net): Apache module that provides UserDir lookups via LDAP

Konfigurujesz apache z ldap?

http://forum.dug.net.pl/viewtopic.php?id=4594

Skoro tworzysz virtualhosty to tam podajesz ścieżkę, więc po co Ci userdir?

klito · Post autor: **klito** » 06 czerwca 2010, 12:35

Prawa dostępu mam na 755 ustawione dla tych folderów. Boty skanują mi serwer. Mam się bać i bronić?

Virtual hosty wyłączyłem, ale dalej nie czyta plików PHP. Czy user_dir ma coś do tego?

Apache2, php5, userdir - nie czyta php - pra dost

[+]Apache2, php5, userdir - nie czyta php - pra dostępu do plików?