• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Apache hide extension

Chris_H

Aspiring Daemon

Thanks: 136
Messages: 951

#27
hac3ru said:
I tried that. The php works but accessing files without specifying the extension is not working.
Figures. :p
OK. Assuming the usual boatload of Apache extensions were installed, and you have, at least, most of them enabled. Let's try a simple virtual-host config
Assuming you have the following 2 includes in your /usr/local/etc/apache24/httpd.conf file, and you have NOT modified either of them
Code:
# Various default settings
Include etc/apache22/extra/httpd-default.conf
# Virtual hosts
Include etc/apache22/extra/httpd-vhosts.conf
add the following to the bottom of /usr/local/etc/apache24/extra/httpd-vhosts.conf
Code:
<VirtualHost *:9000>
    ServerAdmin nobody@localhost
    DocumentRoot "/usr/local/www/localtest"
    ServerName localhost
RewriteEngine on
<Directory "/usr/local/www/localtest">
# we're going to allow the whole gambit here -- it's only a test
	Options +Indexes +Includes +FollowSymLinks +SymLinksifOwnerMatch +ExecCGI +MultiViews
MultiviewsMatch Handlers Filters

	AllowOverride None
	Order allow,deny
	Allow from all
</Directory>
<IfModule dir_module>
	DirectoryIndex INDEX index.php index.html index.xhtml
</IfModule>
    ErrorLog "/var/log/www/Localtest-error.log"
    CustomLog "/var/log/www/Localtest-access.log" combined
</VirtualHost>
Also, does the following appear in your /usr/local/etc/apache24/httpd.conf file?
Code:
<IfModule mime_module>
#
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
#
TypesConfig etc/apache22/mime.types
Let's start there, and see what the results are. Keeping it simple -- the less variables, the easier it is to isolate the issue.
DO make sure the directory exists (you created it) for our test virtual-host, and that the server (Apache) can read from it.

--Chris

OH! I forgot to mention; you will also need to add
Code:
Listen 9000
just after
Code:
Listen 80
near the top of your /usr/local/etc/apache24/httpd.conf file.
 

hac3ru

Active Member


Messages: 109

#28
I added Listen 9000 and when I try to access http://server_ip:9000 I get
Code:
Forbidden

You don't have permission to access / on this server.
Nevermind. I fixed that but accessing http://server_ip:9000/index returns Error 404, while http://server_ip:9000/index.html returns the page
 

Chris_H

Aspiring Daemon

Thanks: 136
Messages: 951

#29
Did you catch my addition to the bottom of my last reply?

Code:
Listen 9000
just after
Code:
Listen 80
near the top of your /usr/local/etc/apache24/httpd.conf file.

Also, you did create the directory. /usr/local/www/localtest right?
are there any files in to? does Apache have read access to the folder? Check the permissions.

--Chris
 

Chris_H

Aspiring Daemon

Thanks: 136
Messages: 951

#31
OK. A couple of things here. The fact that you had to use the specific address indicates address resolution issues. localhost should be easily accessible, w/o issue; either by way of: http://localhost, or by http://127.0.0.1. I used the port 9000 to differentiate the use of a different directory. Maybe that's going to pose an issue in your case. but shouldn't. Just to confirm. Let's do the following; Since Directory Listings are enabled for this virtual-host, remove all the files listed as Indexes (index.html ...). then add an odd named file, that you know doesn't exist in any of your other virtual-hosts. Let's call it A-TEST, no extension. Then re-start the server, and go to it's root, and see if it shows up in the directory listing. Lemme know what you find.

--Chris
 

hac3ru

Active Member


Messages: 109

#32
The server is running on a FreeBSD, that's why I'm using the server's IP address.
Will try that now and I'll be back with the results.

Removing the INDEXES will show me the files in the localtest directory when accessing
Code:
http://server_ip:9000
 

Chris_H

Aspiring Daemon

Thanks: 136
Messages: 951

#33
hac3ru said:
The server is running on a FreeBSD, that's why I'm using the server's IP address.
Will try that now and I'll be back with the results.
Hmm. Not sure I follow you here. The development box I'm writing this from, has 3 virtual-hosts running from 3 different directories, all on localhost. The only difference, is that they all use different ports. So, should devlocal1 be on port 9191, in directory www/devlocal1. I go to http://devlocal1:9191 to get there. Same for devlocal2. If it were on port 8585, in directory devlocal2, I'd do the same; http://devlocal2:8585. In all cases, no IP address is required. I too am on FreeBSD. :)
hac3ru said:
Removing the INDEXES will show me the files in the localtest directory when accessing
Code:
http://server_ip:9000
I'll keep monitoring. :)

--Chris
 

hac3ru

Active Member


Messages: 109

#34
I'm not sure I follow. How does devlocal1 translates into the IP address? The computers communicate using the IP and the MAC address so any name is translated into an IP address. How does your system do that?
Anyway, setting virtual hosts with ServerName and ServerAlias gets me to the same result as you. I now have two virtualhosts that I access using http://site1.home.ro and http://site2.home.ro. Both on the same FreeBSD machine. I have used dnsmasq to resolve those names though.
 

Chris_H

Aspiring Daemon

Thanks: 136
Messages: 951

#35
OK. Just for clarification. I manage a /27 here locally. On this box, I have one internet facing address assigned, and serve some 62 virtual-hosts assigned to that address. For local development, I use localhost. I can then be assured that no one but me, can access any of the virtual-hosts I serve from it. It matters not what hostname(1) I use to describe the virtual-host. So, if Apache is used, I declare the following, in the conf file(s)
Code:
<VirtualHost *:8585>
    ServerAdmin nobody@localhost
    DocumentRoot "/usr/local/www/devlocal2"
    ServerName localhost
#I only use the following, in rare cases. But appears necessary for you
ServerAlias devlocal2
For whatever reason. I'm able to get there by name, so long as I use the correct port. Such seems not the case for you.
You can also use your hosts(5) file, for host resolution. Probably much easier, and quicker than dnsmasq(8).

OK. Well if you have the localhost virtual-hosts working. When you deleted the INDEXES, and saw the directory listing. Was the oddly named file present?

--Chris
 

Chris_H

Aspiring Daemon

Thanks: 136
Messages: 951

#36
Lastly, what is the listing of modules you have in your /usr/local/etc/apache24/httpd.conf file?
eg;
Code:
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule authn_file_module libexec/apache22/mod_authn_file.so
...
Reason being. You'll need to several modules present (and active) for your desired outcome to be accomplished. I need to know if they are. Since you seem to indicate you're not getting your desired results.

--Chris
 

hac3ru

Active Member


Messages: 109

#37
This is from httpd.conf
Code:
LoadModule authn_file_module libexec/apache24/mod_authn_file.so
#LoadModule authn_dbm_module libexec/apache24/mod_authn_dbm.so
#LoadModule authn_anon_module libexec/apache24/mod_authn_anon.so
#LoadModule authn_dbd_module libexec/apache24/mod_authn_dbd.so
#LoadModule authn_socache_module libexec/apache24/mod_authn_socache.so
LoadModule authn_core_module libexec/apache24/mod_authn_core.so
LoadModule authz_host_module libexec/apache24/mod_authz_host.so
LoadModule authz_groupfile_module libexec/apache24/mod_authz_groupfile.so
LoadModule authz_user_module libexec/apache24/mod_authz_user.so
#LoadModule authz_dbm_module libexec/apache24/mod_authz_dbm.so
#LoadModule authz_owner_module libexec/apache24/mod_authz_owner.so
#LoadModule authz_dbd_module libexec/apache24/mod_authz_dbd.so
LoadModule authz_core_module libexec/apache24/mod_authz_core.so
LoadModule access_compat_module libexec/apache24/mod_access_compat.so
LoadModule auth_basic_module libexec/apache24/mod_auth_basic.so
#LoadModule auth_form_module libexec/apache24/mod_auth_form.so
#LoadModule auth_digest_module libexec/apache24/mod_auth_digest.so
#LoadModule allowmethods_module libexec/apache24/mod_allowmethods.so
#LoadModule file_cache_module libexec/apache24/mod_file_cache.so
#LoadModule cache_module libexec/apache24/mod_cache.so
#LoadModule cache_disk_module libexec/apache24/mod_cache_disk.so
#LoadModule cache_socache_module libexec/apache24/mod_cache_socache.so
#LoadModule socache_shmcb_module libexec/apache24/mod_socache_shmcb.so
#LoadModule socache_dbm_module libexec/apache24/mod_socache_dbm.so
#LoadModule socache_memcache_module libexec/apache24/mod_socache_memcache.so
#LoadModule macro_module libexec/apache24/mod_macro.so
#LoadModule dbd_module libexec/apache24/mod_dbd.so
#LoadModule dumpio_module libexec/apache24/mod_dumpio.so
#LoadModule buffer_module libexec/apache24/mod_buffer.so
#LoadModule ratelimit_module libexec/apache24/mod_ratelimit.so
LoadModule reqtimeout_module libexec/apache24/mod_reqtimeout.so
#LoadModule ext_filter_module libexec/apache24/mod_ext_filter.so
#LoadModule request_module libexec/apache24/mod_request.so
#LoadModule include_module libexec/apache24/mod_include.so
LoadModule filter_module libexec/apache24/mod_filter.so
#LoadModule substitute_module libexec/apache24/mod_substitute.so
#LoadModule sed_module libexec/apache24/mod_sed.so
#LoadModule deflate_module libexec/apache24/mod_deflate.so
LoadModule mime_module libexec/apache24/mod_mime.so
LoadModule log_config_module libexec/apache24/mod_log_config.so
#LoadModule log_debug_module libexec/apache24/mod_log_debug.so
#LoadModule logio_module libexec/apache24/mod_logio.so
LoadModule env_module libexec/apache24/mod_env.so
#LoadModule mime_magic_module libexec/apache24/mod_mime_magic.so
#LoadModule cern_meta_module libexec/apache24/mod_cern_meta.so
#LoadModule expires_module libexec/apache24/mod_expires.so
LoadModule headers_module libexec/apache24/mod_headers.so
#LoadModule unique_id_module libexec/apache24/mod_unique_id.so
LoadModule setenvif_module libexec/apache24/mod_setenvif.so
LoadModule version_module libexec/apache24/mod_version.so
#LoadModule remoteip_module libexec/apache24/mod_remoteip.so
#LoadModule proxy_module libexec/apache24/mod_proxy.so
#LoadModule proxy_connect_module libexec/apache24/mod_proxy_connect.so
#LoadModule proxy_ftp_module libexec/apache24/mod_proxy_ftp.so
#LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so
#LoadModule proxy_fcgi_module libexec/apache24/mod_proxy_fcgi.so
#LoadModule proxy_scgi_module libexec/apache24/mod_proxy_scgi.so
#LoadModule proxy_wstunnel_module libexec/apache24/mod_proxy_wstunnel.so
#LoadModule proxy_ajp_module libexec/apache24/mod_proxy_ajp.so
#LoadModule proxy_balancer_module libexec/apache24/mod_proxy_balancer.so
#LoadModule proxy_express_module libexec/apache24/mod_proxy_express.so
#LoadModule session_module libexec/apache24/mod_session.so
#LoadModule session_cookie_module libexec/apache24/mod_session_cookie.so
#LoadModule session_crypto_module libexec/apache24/mod_session_crypto.so
#LoadModule ssl_module libexec/apache24/mod_ssl.so
#LoadModule lbmethod_byrequests_module libexec/apache24/mod_lbmethod_byrequests.so
#LoadModule lbmethod_bytraffic_module libexec/apache24/mod_lbmethod_bytraffic.so
#LoadModule lbmethod_bybusyness_module libexec/apache24/mod_lbmethod_bybusyness.so
LoadModule unixd_module libexec/apache24/mod_unixd.so
#LoadModule dav_module libexec/apache24/mod_dav.so
LoadModule status_module libexec/apache24/mod_status.so
LoadModule autoindex_module libexec/apache24/mod_autoindex.so
#LoadModule asis_module libexec/apache24/mod_asis.so
#LoadModule info_module libexec/apache24/mod_info.so
LoadModule cgi_module libexec/apache24/mod_cgi.so
#LoadModule cgid_module libexec/apache24/mod_cgid.so
#LoadModule dav_fs_module libexec/apache24/mod_dav_fs.so
#LoadModule vhost_alias_module libexec/apache24/mod_vhost_alias.so
#LoadModule negotiation_module libexec/apache24/mod_negotiation.so
LoadModule dir_module libexec/apache24/mod_dir.so
#LoadModule imagemap_module libexec/apache24/mod_imagemap.so
#LoadModule actions_module libexec/apache24/mod_actions.so
#LoadModule speling_module libexec/apache24/mod_speling.so
#LoadModule userdir_module libexec/apache24/mod_userdir.so
LoadModule alias_module libexec/apache24/mod_alias.so
LoadModule rewrite_module libexec/apache24/mod_rewrite.so
LoadModule php5_module /usr/local/libexec/apache24/libphp5.so
 

Chris_H

Aspiring Daemon

Thanks: 136
Messages: 951

#38
OK. This is a quickie. UNcomment the following; I'll justify their purpose when I get a chance.
After you've uncommented them. restart the server. I think you'll find everything works, as you had intended. :)

Code:
#LoadModule allowmethods_module libexec/apache24/mod_allowmethods.so

#LoadModule macro_module libexec/apache24/mod_macro.so

#LoadModule request_module libexec/apache24/mod_request.so
#LoadModule include_module libexec/apache24/mod_include.so

#LoadModule mime_magic_module libexec/apache24/mod_mime_magic.so

#LoadModule cern_meta_module libexec/apache24/mod_cern_meta.so
#LoadModule expires_module libexec/apache24/mod_expires.so

#LoadModule asis_module libexec/apache24/mod_asis.so
#LoadModule info_module libexec/apache24/mod_info.so

#LoadModule vhost_alias_module libexec/apache24/mod_vhost_alias.so
#LoadModule negotiation_module libexec/apache24/mod_negotiation.so

#LoadModule actions_module libexec/apache24/mod_actions.so
--Chris
 

Chris_H

Aspiring Daemon

Thanks: 136
Messages: 951

#39
Further elaboration on your dis-abled modules:
Code:
#LoadModule allowmethods_module libexec/apache24/mod_allowmethods.so
Controls Allow Deny stanza
#LoadModule macro_module libexec/apache24/mod_macro.so
Allows to make complex re-write, or other complicated declarations as simple Name

#LoadModule request_module libexec/apache24/mod_request.so
Gives acces to REQUEST methods -- PUT GET DELETE, ... and allows to Permit, or modify reply
#LoadModule include_module libexec/apache24/mod_include.so
Provides for Includes stanza

#LoadModule mime_magic_module libexec/apache24/mod_mime_magic.so
Allows more fine-grained handling of MimeTypes

#LoadModule cern_meta_module libexec/apache24/mod_cern_meta.so
Somewhat legacy, but usually kept as "standard" on Apache installs
#LoadModule expires_module libexec/apache24/mod_expires.so
Permite defining "lifetime" of files served, important for Proxies, Search engines, and Dynamic Content

#LoadModule asis_module libexec/apache24/mod_asis.so
Allows to SEND file "as-is" -- intuitive. No?
#LoadModule info_module libexec/apache24/mod_info.so
Permits, among other things, monitoring your server; see httpd.conf file, for details

#LoadModule vhost_alias_module libexec/apache24/mod_vhost_alias.so
Almost a no-brainer, when serving virtual-hosts
#LoadModule negotiation_module libexec/apache24/mod_negotiation.so
Allows serving the "correct" mime-type to clients, and helps Apache make the best choice

#LoadModule actions_module libexec/apache24/mod_actions.so
sort of an, action::reaction module. permits doing "something", when "something" occurs
I would've looked here earlier. But most of the modules I mentioned here, have been default-on on most every server install, most people perform. So, to me, it seemed quite unlikely that any of these wouldn't already be ENabled. It's also interesting that you never received any error(s) in any of your log files, regarding the attempt to use those module' capabilities. For example; the Allow, and Deny stanza's aren't even possible w/o the mod_allowmethods.so.

Oh, well. If you enabled them. I can pretty well be rest assured that you're getting what you were attempting.

--Chris
 

Chris_H

Aspiring Daemon

Thanks: 136
Messages: 951

#41
Ug. Well, I've been doing this since before Apache was officially Apache. At this point, I can only conclude that there's something in your httpd.conf, or other config file, that preempts what we've done to enable the functionality you're seeking. I've got a fresh installation coming up in the next couple days. When I've completed it. I'll make a dump of the config files here. For you to compare against, or use for your own. All the servers I currently manage, have extremely large, and complicated configurations. That would only overwhelm, not serve you. :)

--Chris
 

Chris_H

Aspiring Daemon

Thanks: 136
Messages: 951

#43
Hello, @hac3ru.
Sorry for the delay.
Assuming you already have the following, or similar defined
Code:
AddType application/x-httpd-php .php
AddType application/x-httpd-php .phtml
AddType application/x-httpd-php .inc
AddType application/x-httpd-php-source .phps
I think all you'll need is the following
Code:
	MultiviewsMatch Handlers Filters
# for Perl/cgi
#    AddHandler cgi-script cgi
#    AddHandler cgi-script pl
# for php
AddHandler php-script php
AddHandler php5-script php
I may be wrong regarding the application/x-http-php part, it might be slightly different. But the AddHandler, performs the magic. I'd have been able to confirm, by testing it. But I don't use php. it's a huge security risk. I have too much to do already, to have to join the patch-of-the-month club. Frankly, I don't care for Apache, for the same reason. They'd both be great, if they could just just figure out how to code, without leaving security holes. At this point, it's almost like exploit features. After 20 years, you'd think Apache would have finally figured it out. :p
As to the AddType / AddHandler; a little history is in order. Back in the Apache-1.x days, AddType was all that was needed to accomplish what you were looking to achieve. In fact, I'll bet php.net still lists that, as the correct way to do it (they're wrong). But when Apache-2.x came out, all of that changed, and they added AddHandler. AddHandler is the method for the Server, and AddType remains, for the Client -- AddHandler tells Apache what to do with the extension, and AddType tells the Browser what to do with an extension.
So I could name all my files with the .trojan extension, and add
Code:
AddType   text/html trojan
and your web browser would treat bad.trojan, and index.trojan like a regular html file. :)

Well, best wishes to you, @hac3ru. Let me know how it works out for you.

OH, do note above;
the MultiviewsMatch Handlers Filters stanza is important. So don't forget it. Probably the best place to put all the above, is right below the Options stanza. eg;
Code:
Options +Indexes +Includes ...
    MultiviewsMatch Handlers Filters
    AddHandler trojan-script trojan
    AddHandler php-script php php4
    AddHandler php5-script php phtml php5
Anyway, you get the idea. :)

--Chris
 
Last edited by a moderator:

hac3ru

Active Member


Messages: 109

#44
Hello,

Thank you for this. I'll try it, this week hopefully, when I'll get to that server. I'll be back with a reply.
Thank you again.
 
Top