Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: apache 2.2 httpd.conf
Operating Systems Linux Red Hat apache 2.2 httpd.conf Post 302523983 by Lobster on Friday 20th of May 2011 01:52:46 PM
Old 05-20-2011
apache 2.2 httpd.conf
Hi, I was wondering if someone could help me out here. I am super-paranoid, so am trying to limit what PHP files can be executed on this server. I have a small list of files that I want to allow. The rest, deny:

Code:
<Files ~ "\.(php|php3)$">
  order allow,deny
  deny from all
</Files>

I want to then allow the execution of a few PHP files in a specific directory:

Code:
<Directory "/var/www/html/forums">
<Files ~ "forummain.php$">
  order allow,deny
  allow from all
</Files>
<Files ~ "index.php$">
  order allow,deny
  allow from all
</Files>
</Directory>

My problem is that the ALLOW FROM ALL statements in the above FILE sections allow anyone in, even if they are denied in the root directory .htaccess, or in the root directory's httpd.conf LIMIT. So that's not what I really want. I just want those 2 php files to be executable IF you're not otherwise locked out elsewhere. Does anyone know how I should configure this to work right?

Thanks
Last edited by radoulov; 05-20-2011 at 04:04 PM.. Reason: Code tags fixed.
 

10 More Discussions You Might Find Interesting

1. IP Networking

defaults httpd.conf

I have found in the httpd.conf where it it states the default parse pages like index.htm, index.html, index.php and etc....However, my computer box does not seem to want to automatically load the index.php files. Anyone have any ideas? (5 Replies)
Discussion started by: macdonto
5 Replies

2. IP Networking

httpd.conf - stumped

Have been asked to remove all images from being logged to the access_log ... where am I going wrong?<VirtualHost 123.456.789.99> ServerName www.somedomain.com.au DocumentRoot /agents/tts Redirect /wap http://somewap.com.au/traveler LogFormat "%v %h %l %u %t \"%r\" %>s %b" comonvhost... (2 Replies)
Discussion started by: Cameron
2 Replies

3. UNIX for Dummies Questions & Answers

Apache httpd.conf <VirtualHost> issue

I have just configured httpd.conf on a new Redhat 9 install. Below are my additions to httpd.conf. Everything works fine except that when typing http://spetnik.d2g.com into my web browser, I am sent to the "Default catch all" site. Any clues? NameVirtualHost *:80 #Default catch all ... (5 Replies)
Discussion started by: Spetnik
5 Replies

4. Ubuntu

Apache 2 httpd.conf empty

Hi everybody, I have installed Apache 2 + Tomcat 5.5. on Ubuntu 7.04 and the default httpd.conf is empty (0 lines), however there is a file called apache2.conf that looks like a default httpd.conf. I didn't use Apache in ages, since 1.3.x release, but I remember that the httpd.conf by default... (2 Replies)
Discussion started by: sspirito
2 Replies

5. Web Development

servername in apache httpd.conf

I'd like to know if servername in apache httpd.conf is the machine name or domain name. If it is domain name like example.com, should it be registered before in use? (1 Reply)
Discussion started by: yzhang738
1 Replies

6. Red Hat

apache 2.2 httpd.conf

Hi, I was wondering if someone could help me out here. I am super-paranoid, so am trying to limit what PHP files can be executed on this server. I have a small list of files that I want to allow. The rest, deny. So I have base rule that denies all php files server-wide: order allow,deny ... (0 Replies)
Discussion started by: Lobster
0 Replies

7. UNIX for Dummies Questions & Answers

Locate which httpd.conf is used by Apache

What is the command to see what httpd.conf file is apache using. Apache is started. (1 Reply)
Discussion started by: galford
1 Replies

8. Shell Programming and Scripting

Playing with httpd.conf

Hello Guys !! wanted to use SED to pull cout the full vertualhost entry for domain which is specified from command line Like (IP base httpd.conf) domain="ServerName takemewithyou.in" sed -n '/<VirtualHost* $domain/,/<\/VirtualHost>/p' httpd.conf File can take to test is below ... (0 Replies)
Discussion started by: SilvesterJ
0 Replies

9. Shell Programming and Scripting

Search and comment block of text from apache httpd.conf

I want to search for a block of text in httpd.conf that between two strings and comment it. There are multiple blocks with "<Directory.. and </Directory>" <Directory "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/htdocs"> # # Possible values for the Options directive are... (3 Replies)
Discussion started by: kchinnam
3 Replies

10. Red Hat

Httpd.conf Config?

hi is it possible ? explain tome about below items StartServers 8 MinSpareServers 10 MaxSpareServers 20 ServerLimit 4000 MaxClients 4000 MaxRequestsPerChild 4000 this is my servers 8gig ram & cpu 12 core... what cann i putting in order this ? tnx (1 Reply)
Discussion started by: mnnn
1 Replies

LEARN ABOUT X11R4

crontab

CRONTAB(1)                                                    General Commands Manual                                                   CRONTAB(1)

NAME

       crontab - maintain crontab files for individual users (Vixie Cron)

SYNOPSIS

       crontab [ -u user ] file
       crontab [ -u user ] [ -i ] { -e | -l | -r }

DESCRIPTION

       crontab  is  the  program used to install, deinstall or list the tables used to drive the cron(8) daemon in Vixie Cron.  Each user can have
       their own crontab, and though these are files in /var/spool/cron/crontabs, they are not intended to be edited directly.

       If the /etc/cron.allow file exists, then you must be listed (one user per line) therein in order to be allowed to use this command.  If the
       /etc/cron.allow file does not exist but the /etc/cron.deny file does exist, then you must not be listed in the /etc/cron.deny file in order
       to use this command.

       If neither of these files exists, then depending on site-dependent configuration parameters, only the super user will  be  allowed  to  use
       this command, or all users will be able to use this command.

       If  both  files exist then /etc/cron.allow takes precedence. Which means that /etc/cron.deny is not considered and your user must be listed
       in /etc/cron.allow in order to be able to use the crontab.

       Regardless of the existance of any of these files, the root administrative user is always allowed to setup a crontab.  For standard  Debian
       systems, all users may use this command.

       If the -u option is given, it specifies the name of the user whose crontab is to be used (when listing) or modified (when editing). If this
       option is not given, crontab examines "your" crontab, i.e., the crontab of the person executing the command.  Note that su(8)  can  confuse
       crontab and that if you are running inside of su(8) you should always use the -u option for safety's sake.

       The  first  form  of  this  command is used to install a new crontab from some named file or standard input if the pseudo-filename ``-'' is
       given.

       The -l option causes the current crontab to be displayed on standard output. See the note under DEBIAN SPECIFIC below.

       The -r option causes the current crontab to be removed.

       The -e option is used to edit the current crontab using the editor specified by the VISUAL or EDITOR environment variables.  After you exit
       from the editor, the modified crontab will be installed automatically. If neither of the environment variables is defined, then the default
       editor /usr/bin/editor is used.

       The -i option modifies the -r option to prompt the user for a 'y/Y' response before actually removing the crontab.

DEBIAN SPECIFIC

       The "out-of-the-box" behaviour for crontab -l is to display the three line "DO NOT EDIT THIS FILE" header that is placed at  the  beginning
       of the crontab when it is installed. The problem is that it makes the sequence

       crontab -l | crontab -

       non-idempotent  -- you keep adding copies of the header. This causes pain to scripts that use sed to edit a crontab. Therefore, the default
       behaviour of the -l option has been changed to not output such header. You may obtain the original behaviour  by  setting  the  environment
       variable CRONTAB_NOHEADER to 'N', which will cause the crontab -l command to emit the extraneous header.

SEE ALSO

       crontab(5), cron(8)

FILES

       /etc/cron.allow
       /etc/cron.deny
       /var/spool/cron/crontabs

       There  is one file for each user's crontab under the /var/spool/cron/crontabs directory. Users are not allowed to edit the files under that
       directory directly to ensure that only users allowed by the system to run periodic tasks can  add  them,  and  only  syntactically  correct
       crontabs  will  be written there.  This is enforced by having the directory writable only by the crontab group and configuring crontab com-
       mand with the setgid bid set for that specific group.

STANDARDS

       The crontab command conforms to IEEE Std1003.2-1992 (``POSIX'').  This new command syntax differs from previous versions of Vixie Cron,  as
       well as from the classic SVR3 syntax.

DIAGNOSTICS

       A fairly informative usage message appears if you run it with a bad command line.

       cron  requires  that  each  entry in a crontab end in a newline character. If the last entry in a crontab is missing the newline, cron will
       consider the crontab (at least partially) broken and refuse to install it.

AUTHOR

       Paul Vixie <paul@vix.com> is the author of cron and original creator of this manual page. This page has also been modified  for  Debian  by
       Steve Greenland, Javier Fernandez-Sanguino and Christian Kastner.

4th Berkeley Distribution                                          19 April 2010                                                        CRONTAB(1)
All times are GMT -4. The time now is 05:01 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy