Apache won't serve php across network

Discussion in 'Server Operation' started by bacalao, Jan 9, 2007.

  1. bacalao

    bacalao New Member

    Hi all,
    Localhost and php files, being served, work on LAMP server (CentOS) but when I try it on Windows machine (Firefox) using IP address and specific file it can't find specified files. I'm using Dreamweaver to create php web pages. Any help would be appreciated.

    Thanks in advance,
    Bacalao :confused:
     
  2. Ben

    Ben ISPConfig Developer ISPConfig Developer

    Can you post the output of "netstat -tap" as well as the apache config (but please WITHOUT comments!).

    Does ist make a change if you access e.g. with lynx, wget etc. your webserver from itself either with localhost / 127.0.0.1 or with its LAN-IP?
     
  3. bacalao

    bacalao New Member

    I can view that Apache was setup correctly I just can't view any files I place in /var/www/html.


     
  4. bacalao

    bacalao New Member

    http conf

    Oops, I forgot to add this.

    Code:
    ServerTokens OS
    ServerRoot "/etc/httpd"
    PidFile run/httpd.pid
    Timeout 120
    KeepAlive Off
    <IfModule prefork.c>
    StartServers       8
    MinSpareServers    5
    MaxSpareServers   20
    ServerLimit      256
    MaxClients       256
    MaxRequestsPerChild  4000
    </IfModule>
    <IfModule worker.c>
    StartServers         2
    MaxClients         150
    MinSpareThreads     25
    MaxSpareThreads     75 
    ThreadsPerChild     25
    MaxRequestsPerChild  0
    </IfModule>
    Listen 80
    LoadModule access_module modules/mod_access.so
    LoadModule auth_module modules/mod_auth.so
    LoadModule auth_anon_module modules/mod_auth_anon.so
    LoadModule auth_dbm_module modules/mod_auth_dbm.so
    LoadModule auth_digest_module modules/mod_auth_digest.so
    LoadModule ldap_module modules/mod_ldap.so
    LoadModule auth_ldap_module modules/mod_auth_ldap.so
    LoadModule include_module modules/mod_include.so
    LoadModule log_config_module modules/mod_log_config.so
    LoadModule env_module modules/mod_env.so
    LoadModule mime_magic_module modules/mod_mime_magic.so
    LoadModule cern_meta_module modules/mod_cern_meta.so
    LoadModule expires_module modules/mod_expires.so
    LoadModule deflate_module modules/mod_deflate.so
    LoadModule headers_module modules/mod_headers.so
    LoadModule usertrack_module modules/mod_usertrack.so
    LoadModule setenvif_module modules/mod_setenvif.so
    LoadModule mime_module modules/mod_mime.so
    LoadModule dav_module modules/mod_dav.so
    LoadModule status_module modules/mod_status.so
    LoadModule autoindex_module modules/mod_autoindex.so
    LoadModule asis_module modules/mod_asis.so
    LoadModule info_module modules/mod_info.so
    LoadModule dav_fs_module modules/mod_dav_fs.so
    LoadModule vhost_alias_module modules/mod_vhost_alias.so
    LoadModule negotiation_module modules/mod_negotiation.so
    LoadModule dir_module modules/mod_dir.so
    LoadModule imap_module modules/mod_imap.so
    LoadModule actions_module modules/mod_actions.so
    LoadModule speling_module modules/mod_speling.so
    LoadModule userdir_module modules/mod_userdir.so
    LoadModule alias_module modules/mod_alias.so
    LoadModule rewrite_module modules/mod_rewrite.so
    LoadModule proxy_module modules/mod_proxy.so
    LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
    LoadModule proxy_http_module modules/mod_proxy_http.so
    LoadModule proxy_connect_module modules/mod_proxy_connect.so
    LoadModule cache_module modules/mod_cache.so
    LoadModule suexec_module modules/mod_suexec.so
    LoadModule disk_cache_module modules/mod_disk_cache.so
    LoadModule file_cache_module modules/mod_file_cache.so
    LoadModule mem_cache_module modules/mod_mem_cache.so
    LoadModule cgi_module modules/mod_cgi.so
    Include conf.d/*.conf
    User apache
    Group apache
    ServerAdmin [email protected]
    UseCanonicalName Off
    DocumentRoot "/var/www/html"
    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>
    <Directory "/var/www/html">
        Options Indexes FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>
    <IfModule mod_userdir.c>
        UserDir disable
    </IfModule>
    DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php21 index.pl
    AccessFileName .htaccess
    <Files ~ "^\.ht">
        Order allow,deny
        Deny from all
    </Files>
    TypesConfig /etc/mime.types
    DefaultType text/plain
    <IfModule mod_mime_magic.c>
        MIMEMagicFile conf/magic
    </IfModule>
    HostnameLookups Off
    ErrorLog logs/error_log
    LogLevel warn
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%{User-agent}i" agent
    CustomLog logs/access_log combined
    ServerSignature On
    Alias /icons/ "/var/www/icons/"
    <Directory "/var/www/icons">
        Options Indexes MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>
    <IfModule mod_dav_fs.c>
        # Location of the WebDAV lock database.
        DAVLockDB /var/lib/dav/lockdb
    </IfModule>
    ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
    <Directory "/var/www/cgi-bin">
        AllowOverride None
        Options None
        Order allow,deny
        Allow from all
    </Directory>
    IndexOptions FancyIndexing VersionSort NameWidth=*
    AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
    AddIconByType (TXT,/icons/text.gif) text/*
    AddIconByType (IMG,/icons/image2.gif) image/*
    AddIconByType (SND,/icons/sound2.gif) audio/*
    AddIconByType (VID,/icons/movie.gif) video/*
    AddIcon /icons/binary.gif .bin .exe
    AddIcon /icons/binhex.gif .hqx
    AddIcon /icons/tar.gif .tar
    AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
    AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
    AddIcon /icons/a.gif .ps .ai .eps
    AddIcon /icons/layout.gif .html .shtml .htm .pdf
    AddIcon /icons/text.gif .txt
    AddIcon /icons/c.gif .c
    AddIcon /icons/p.gif .pl .py
    AddIcon /icons/f.gif .for
    AddIcon /icons/dvi.gif .dvi
    AddIcon /icons/uuencoded.gif .uu
    AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
    AddIcon /icons/tex.gif .tex
    AddIcon /icons/bomb.gif core
    AddIcon /icons/back.gif ..
    AddIcon /icons/hand.right.gif README
    AddIcon /icons/folder.gif ^^DIRECTORY^^
    AddIcon /icons/blank.gif ^^BLANKICON^^
    DefaultIcon /icons/unknown.gif
    ReadmeName README.html
    HeaderName HEADER.html
    IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
    AddLanguage ca .ca
    AddLanguage cs .cz .cs
    AddLanguage da .dk
    AddLanguage de .de
    AddLanguage el .el
    AddLanguage en .en
    AddLanguage eo .eo
    AddLanguage es .es
    AddLanguage et .et
    AddLanguage fr .fr
    AddLanguage he .he
    AddLanguage hr .hr
    AddLanguage it .it
    AddLanguage ja .ja
    AddLanguage ko .ko
    AddLanguage ltz .ltz
    AddLanguage nl .nl
    AddLanguage nn .nn
    AddLanguage no .no
    AddLanguage pl .po
    AddLanguage pt .pt
    AddLanguage pt-BR .pt-br
    AddLanguage ru .ru
    AddLanguage sv .sv
    AddLanguage zh-CN .zh-cn
    AddLanguage zh-TW .zh-tw
    LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
    ForceLanguagePriority Prefer Fallback
    AddDefaultCharset UTF-8
    AddCharset ISO-8859-1  .iso8859-1  .latin1
    AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
    AddCharset ISO-8859-3  .iso8859-3  .latin3
    AddCharset ISO-8859-4  .iso8859-4  .latin4
    AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr .iso-ru
    AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
    AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
    AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb
    AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
    AddCharset ISO-2022-JP .iso2022-jp .jis
    AddCharset ISO-2022-KR .iso2022-kr .kis
    AddCharset ISO-2022-CN .iso2022-cn .cis
    AddCharset Big5        .Big5       .big5
    AddCharset WINDOWS-1251 .cp-1251   .win-1251
    AddCharset CP866       .cp866
    AddCharset KOI8-r      .koi8-r .koi8-ru
    AddCharset KOI8-ru     .koi8-uk .ua
    AddCharset ISO-10646-UCS-2 .ucs2
    AddCharset ISO-10646-UCS-4 .ucs4
    AddCharset UTF-8       .utf8
    AddCharset GB2312      .gb2312 .gb 
    AddCharset utf-7       .utf7
    AddCharset utf-8       .utf8
    AddCharset big5        .big5 .b5
    AddCharset EUC-TW      .euc-tw
    AddCharset EUC-JP      .euc-jp
    AddCharset EUC-KR      .euc-kr
    AddCharset shift_jis   .sjis
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddHandler imap-file map
    AddHandler type-map var
    AddType text/html .shtml
    AddOutputFilter INCLUDES .shtml
    Alias /error/ "/var/www/error/"
    <IfModule mod_negotiation.c>
    <IfModule mod_include.c>
        <Directory "/var/www/error">
            AllowOverride None
            Options IncludesNoExec
            AddOutputFilter Includes html
            AddHandler type-map var
            Order allow,deny
            Allow from all
            LanguagePriority en es de fr
            ForceLanguagePriority Prefer Fallback
        </Directory>
    </IfModule>
    </IfModule>
    BrowserMatch "Mozilla/2" nokeepalive
    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
    BrowserMatch "RealPlayer 4\.0" force-response-1.0
    BrowserMatch "Java/1\.0" force-response-1.0
    BrowserMatch "JDK/1\.0" force-response-1.0
    BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
    BrowserMatch "^WebDrive" redirect-carefully
    BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
    BrowserMatch "^gnome-vfs" redirect-carefully
    
     
  5. falko

    falko Super Moderator ISPConfig Developer

    What's the output of
    Code:
    ifconfig
    and
    Code:
    iptables -L
    ? Did you disable SELinux?
     
  6. bacalao

    bacalao New Member

    Config files

    SeLINUX is enabled.

    Code:
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    RH-Firewall-1-INPUT  all  --  anywhere             anywhere
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    RH-Firewall-1-INPUT  all  --  anywhere             anywhere
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    
    Chain RH-Firewall-1-INPUT (2 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     icmp --  anywhere             anywhere            icmp any
    ACCEPT     ipv6-crypt--  anywhere             anywhere
    ACCEPT     ipv6-auth--  anywhere             anywhere
    ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:5353
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:smtp
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:netbios-ns
    ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:netbios-ns
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:netbios-dgm
    ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:netbios-dgm
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:netbios-ssn
    ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:netbios-ssn
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:microsoft-ds
    ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:microsoft-ds
    REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
    
    Code:
    eth0      Link encap:Ethernet  HWaddr 00:07:95:50:9B:38
              inet addr:192.168.1.3  Bcast:192.168.1.255  Mask:255.255.255.0
              inet6 addr: fe80::207:95ff:fe50:9b38/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:12207 errors:0 dropped:0 overruns:0 frame:0
              TX packets:8923 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:11424141 (10.8 MiB)  TX bytes:1444305 (1.3 MiB)
              Interrupt:225 Base address:0xa000
    
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:10025 errors:0 dropped:0 overruns:0 frame:0
              TX packets:10025 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:5991148 (5.7 MiB)  TX bytes:5991148 (5.7 MiB)
    
     
  7. bacalao

    bacalao New Member

    I think I got it.

    I "chmod -R 777" the folder within the html folder. Is there any way to do this to the html folder so that anything going into the html folder has the same right permission?
     
  8. martinfst

    martinfst ISPConfig Developer ISPConfig Developer

    This is VERY DANGEROUS. Everyone with some kind of access, either ssh, ftp or the ISP panel can now change the contents of the files in your directory / website. You owe me a beer if your server is hacked within 3 days (provided it's a public server).
     
  9. bacalao

    bacalao New Member

    Can you please direct me to a good howto on how to ssl or ssh the connection? Please? I really don't fancy getting hacked. I like buying beers though.
     
  10. martinfst

    martinfst ISPConfig Developer ISPConfig Developer

    Well it's not the setup of ssh, ftp or anything, but giving your files in the html directory (which I assume is used for web pages) read-write-execute rights for everyone should be your concern. That's what chmod 777 does. The regular permission for directories is 755 (or 775) and for files to be served by a webserver 664. Can you revert to the original settings and work from there to find what your access problem is?
     
  11. bacalao

    bacalao New Member

    I get a 403 forbidden on the page. :confused: Thanks
     
  12. falko

    falko Super Moderator ISPConfig Developer

    What's the output of
    Code:
    ls -la /var/www/html
    ?
     
  13. bacalao

    bacalao New Member

    drwxr-xr-x 2 root root 4096 Aug 13 09:33 .
    drwxr-xr-x 8 root root 4096 Jan 11 20:56 ..
     
  14. falko

    falko Super Moderator ISPConfig Developer

    That's why you get a 403 error. There's nothing in /var/www/html, and directory listings seem to be disabled in your Apache configuration.
    Put an index.html (.php,...) into that directory and try again in your browser.
     
  15. bacalao

    bacalao New Member

    I placed a file into the html folder and still received the same results. I looked around a bit more and found that seLinux was causing these same problems for people. I looked for different ways to work around this without disabling seLinux but I wasn't successful. The only it has worked was to disable seLinux. Is there a way to work around not disabling seLinux?

    Thank you. :confused:
     
    Last edited: Jan 14, 2007
  16. falko

    falko Super Moderator ISPConfig Developer

    I don't know. I always recommend to disable SELinux because it's causing too many problems (as you have noticed ;) ). But you might want to have a look here: http://fedora.redhat.com/docs/selinux-faq-fc5/
     
  17. bacalao

    bacalao New Member

    I got a bit of reading to do. Thanks again. One more question regarding connections. I've tried to get samba to connect to the web server but I get a login box that doesn't except any user or pass. Here's smb.conf. I've messed with settings so much!

    Code:
    # Samba config file created using SWAT
    # from 192.168.1.3 (192.168.1.3)
    # Date: 2007/01/16 05:59:56
    
    # Global parameters
    # Samba config file created using SWAT
    # from 192.168.1.3 (192.168.1.3)
    # Date: 2007/01/16 06:05:07
    
    # Global parameters
    [global]
    	workgroup = MSHOME
    	server string = Linux Server
    	log file = /var/log/samba/%m.log
    	max log size = 50
    	smb ports = 445 139 138 137
    	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    	dns proxy = No
    	ldap ssl = no
    	idmap uid = 16777216-33554431
    	idmap gid = 16777216-33554431
    	cups options = raw
    
    [homes]
    	comment = Home Directories
    	path = /home/%u
    	username = victor
    	admin users = victor
    	write list = victor
    	read only = No
    	browseable = No
    	available = No
    
    [printers]
    	comment = All Printers
    	path = /var/spool/samba
    	printable = Yes
    	browseable = No
    
    [www]
    	comment = Web Server
    	path = /var/www/html
    	valid users = centos, victor, @victor
    	admin users = centos, victor
    	write list = centos, victor
    	read only = No
    	create mask = 0644
    	directory security mask = 0755
    	guest ok = Yes
    	hosts allow = 192.168.1/24
    
    [epson-265]
    	path = \\milton\epson-265
    	guest ok = Yes
    	printable = Yes
    
    [share]
    	comment = All Users
    	path = /home/samba/share
    	read only = No
    	guest ok = Yes
    
    [public]
    	comment = All Shares
    	path = /home/samba/public
    	read only = No
    	guest ok = Yes
    
    I also see a folder that says "root" how do I get rid of that?
     

Share This Page