hawkesley Posted April 28, 2014 Report Share Posted April 28, 2014 I have two domains.The first in the root www as files, the second in a folder in root wwwI can access the first but not the second which is only available through local host.I configured virtual host using the apache menu in Coral 6.8 and set up a virtual host for the second domain.The vitual host is enabled and the ht access for outside is enabled.In the second domain log I getthis 109.152.69.150 - - [28/Apr/2014:17:26:24 +0100] "GET / HTTP/1.1" 403 202and a message You do not have permission to access on this serverAny suggestions as to where to look appreciated. Quote Link to comment Share on other sites More sharing options...
meows Posted April 29, 2014 Report Share Posted April 29, 2014 look hereand check htaccess http://forum.uniformserver.com/index.php?showtopic=2826&hl=%2Baddress+%2Bserver Quote Link to comment Share on other sites More sharing options...
hawkesley Posted April 30, 2014 Author Report Share Posted April 30, 2014 HiThanks for that.I have looked for an obvious error but cant find it.I have posted below the config data I am seeing if it helps.Just to note i have an ht access file in the www root and two ht access files in the Vhosts folder.I have two domains. Somewhere4u is in the root www and works.hawkesleypublishingsolutions is in a folder so named in the root www and give the Forbidden message. Apache Virtual Host Port: 80 Document Root :C:/UniServer/www/hawkesleypublishingsolutions Server Name: hawkesleypublishingsolutions.comServer Alias: www.hawkesleypublishingsolutions.com *.hawkesleypublishingsolutions.comError Log : logs/hawkesleypublishingsolutions.com-error.logCustom LOg:logs/hawkesleypublishingsolutions.com-access.log commonUpdate Host<Directory "C:\UniServer\www\hawkesleypublishingsolutions"> Options Indexes Includes AllowOverride All Require all granted</Directory>List of Hostlocalhosthawkesleypublishingsolutions.ht access in www#------------------------------------------------------------------------------# Server root folder www .htaccess# This file provides server security limiting access to the localhost only.# Comment next four lines to deactivate. (Allows external access)#------------------------------------------------------------------------------#Order Deny,Allow#Deny from all#Allow from 127.0.0.1#Allow from ::1#------------------------------------------------------------------------------# To allow execution of cgi scripts in this directory uncomment next two lines.#------------------------------------------------------------------------------AddHandler cgi-script .pl .cgiOptions +ExecCGI +FollowSymLinks#------------------------------------------------------------------------------# Activate this section to use the Private Server Feature!# Defaults: Username - root; Password - root# Note AuthUserFile: File path is relative to server root# To lock server, uncomment the next 4 lines. (A name and password is required)#------------------------------------------------------------------------------#AuthName "Uniform Server - Server Access"#AuthType Basic#AuthUserFile ../../../htpasswd/www/.htpasswd#Require valid-user# BEGIN WordPressRewriteEngine OnRewriteBase /RewriteRule ^index\.php$ - [L]# add a trailing slash to /wp-adminRewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]RewriteCond %{REQUEST_FILENAME} -f [OR]RewriteCond %{REQUEST_FILENAME} -dRewriteRule ^ - [L]RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]RewriteRule . index.php [L]# END WordPressVHosts filecontanis 2 folders with .ht accesshawkesleypublishingsolutionssomewhere4u.comthe ht access in both is#------------------------------------------------------------------------------# Vhosts Server root folder. File .htaccess# This file provides server security limiting access to the localhost only.# Comment next four lines to deactivate. (Allows external access)#------------------------------------------------------------------------------Order Deny,AllowDeny from allAllow from 127.0.0.1Allow from ::1#------------------------------------------------------------------------------# To allow execution of cgi scripts in this directory uncomment next two lines.#------------------------------------------------------------------------------AddHandler cgi-script .pl .cgiOptions +ExecCGI +FollowSymLinks#------------------------------------------------------------------------------# Activate this section to use the Private Server Feature!# AuthName: Replace with a suitable name appropriate to your site# AuthType: Do not change# AuthUserFile: ../../../htpasswd Corresponds to folder UniServer\htpasswd# In folder UniServer\htpasswd create a new folder e.g Vhost_1# In this new folder create a new file named .htpasswd# Edit this file and add a name and passwrd for example# name123:password45# Path will look like this (replace xxx with your new folder):# ../../../htpasswd/Vhost_1/.htpasswd# Note: AuthUserFile - File path is relative to server root# To lock server, uncomment the next 4 lines. (A name and password is required)#------------------------------------------------------------------------------#AuthName "Uniform Server - Server Access"#AuthType Basic#AuthUserFile ../../../htpasswd/xxx/.htpasswd#Require valid-userApache httpd conf file##====== VIRTUAL HOST ===========#To enable uncomment next lineInclude conf/extra/httpd-vhosts.conf# Local access to the Apache HTTP Server Manual#Include conf/extra/httpd-manual.conf# Distributed authoring and versioning (WebDAV)#Include conf/extra/httpd-dav.conf# Various default settingsInclude conf/extra/httpd-default.conf<IfModule ssl_module># Secure (SSL/TLS) connectionsInclude conf/extra/httpd-ssl.conf</IfModule># Deflate Module configuration<IfModule deflate_module>Include conf/extra/httpd-deflate.conf</IfModule># FastCGI Module configuration<IfModule fcgid_module>Include conf/extra/httpd-fcgid.conf</IfModule># Proxy Html Module configuration<IfModule proxy_html_module>Include conf/extra/httpd-fcgid.conf</IfModule># Uptime Module configuration<IfModule uptime_module> Include conf/extra/httpd-uptime.conf</IfModule> Quote Link to comment Share on other sites More sharing options...
meows Posted May 1, 2014 Report Share Posted May 1, 2014 # BEGIN WordPressRewriteEngine OnRewriteBase /RewriteRule ^index\.php$ - [L] why does wordpress require the rewrite engine?I never could master it.and know nothing about using word press.. Your ,htaccess is the ht access in both is#------------------------------------------------------------------------------# Vhosts Server root folder. File .htaccess# This file provides server security limiting access to the localhost only.# Comment next four lines to deactivate. (Allows external access)#------------------------------------------------------------------------------ Order Deny,AllowDeny from allAllow from 127.0.0.1Allow from ::1 #------------------------------------------------------------------------------# To allow execution of cgi scripts in this directory uncomment next two lines.#------------------------------------------------------------------------------ AddHandler cgi-script .pl .cgiOptions +ExecCGI +FollowSymLinks #------------------------------------------------------------------------------# Activate this section to use the Private Server Feature!# AuthName: Replace with a suitable name appropriate to your site# AuthType: Do not change# AuthUserFile: ../../../htpasswd Corresponds to folder UniServer\htpasswd# In folder UniServer\htpasswd create a new folder e.g Vhost_1# In this new folder create a new file named .htpasswd# Edit this file and add a name and passwrd for example# name123:password45# Path will look like this (replace xxx with your new folder):# ../../../htpasswd/Vhost_1/.htpasswd# Note: AuthUserFile - File path is relative to server root# To lock server, uncomment the next 4 lines. (A name and password is required)#------------------------------------------------------------------------------ #AuthName "Uniform Server - Server Access"#AuthType Basic#AuthUserFile ../../../htpasswd/xxx/.htpasswd#Require valid-user FYIsome of that belongs in the httpcfg file I think here is my root htaccess <Files *> order deny,allow ##### READ THIS BEFORE USING THE LISTS BELOW HERE! ### If your website, or dedicated server, has an IP address falling within the ones below and you use absolute URLs in your includes or links, those pages will be blocked from loading. ### If this occurs you should find the IP of your website, or server, and allow it, using the example form: allow from (your IP address(es)) ### You can find your website's IP address by logging into your website's Control Panel (e.g. Cpanel, Plesk, vDeck, Ensim) and it should be displayed on the control panel home page. ### You can also run a Whois lookup, at - http://whois.domaintools.com - on your domain name, to see the IP where it is hosted. ### Example of a page that might be blocked: You use PHP (or SSI) includes for headers, navigation links, or footers, using this form: <php include('http://www.example.com/folder/filename'); ### If your web server is covered by this blocklist the included page will get a 403 forbidden server status. ### If you host multiple web pages and they communicate with each other using http scripts, the communication will break if either is listed, unless you add "allow from" directives on each web site's blocklist, for the other's specific IP address(es). ### You can also avoid having your own includes or linked pages blocked, by using relative URLs instead. E.g: <php include('/folder/filename'); ## Servers should not be contacting other servers, trying to spam or exploit them. That's how they got on these lists in the first place! ## There are a lot of commonly used web servers covered by the following "deny from" lists! Your website may be hosted on an IP in these blocklists. # The web servers blocked here are being used as proxy servers, for attacking other servers, or for harvesting, scraping, spamming, phishing, or hosting hostile scripts used to infect personal computers. As such they are threats to your website, even if you are with a host on this list. # These are not ISPs or PCs. They are website hosting servers, parked domain hosts and datacenters. ### All of Peg Tech Inc's CIDRs are going into this blocklist! Comment Spam, hack attempts RFI attempts... ############################################## Blocklist Begins ############################################### ###### Exploited - shared, VPS and dedicated web servers, listed by the entire CIDR assigned to each hosting company. # Miscellaneous badware, spammers and exploiting hosts and servers: deny from 5.34.240.0/21 5.254.144.213 67.215.235.224/27 78.46.64.0/19 79.143.80.0/22 94.242.237.0/24 137.175.0.0/17 142.0.128.0/20 142.4.96.0/19 142.4.192.0/19 188.165.192.0/18 192.74.224.0/19 198.2.192.0/18 198.199.64.0/18 208.115.124.0/23 208.115.192.0/18 # DigitalOcean and ServerStack deny from 82.196.0.0/20 95.85.0.0/21 141.0.170.0/24 162.243.0.0/16 185.14.187.0/24 188.226.128.0/17 192.34.56.0/21 192.81.208.0/20 192.241.128.0/17 198.199.64.0/18 208.68.36.0/22 # Psychz Networks - Spam and attack friendly web hosting company that turns a blind eye to abuse reports deny from 23.91.0.0/19 23.238.128.0/17 74.117.56.0/21 107.160.158.64/27 108.171.240.0/20 173.224.208.0/20 192.210.48.0/20 199.71.212.0/22 199.119.200.0/21 208.87.240.0/22 216.24.192.0/20 216.99.144.0/20 # Proxy servers and services and hosting companies with proxy server clients, listed by the full CIDR of the hosting company. deny from 61.206.125.0/24 62.171.194.0/23 75.126.0.0/16 80.33.0.0/16 80.58.0.0/16 81.12.0.0/17 83.16.154.152/29 85.10.219.104/29 85.92.130.0/24 85.185.0.0/16 88.198.241.104/29 88.198.252.144/29 145.253.239.8/29 150.188.0.0/15 193.164.131.0/24 194.112.195.202 198.145.112.128/25 198.145.182.0/26 200.30.64.0/20 200.43.108.0/24 200.75.128.0/20 200.126.112.0/20 200.172.222.0/26 200.202.192.0/18 200.210.0.0/16 203.160.0.0/23 207.44.128.0/17 207.210.192.0/18 208.110.68.144/29 216.104.32.0/20 # Individual Proxy Server IPs deny from 64.20.205.251 64.202.161.130 66.6.122.130 66.36.230.163 66.37.153.74 66.63.167.166 66.79.162.102 66.212.18.89 66.232.107.140 69.50.208.74 69.94.124.137 72.55.146.175 72.167.115.164 74.115.6.56 74.208.16.108 75.175.243.195 76.76.15.73 77.235.40.189 85.92.130.117 88.198.5.220 88.214.192.24 91.186.21.78 141.76.45.34 206.221.184.108 208.100.20.148 209.139.208.236 # Cyveillance, Performance Systems International (PSI) and associated companies (Internet Content Spies) deny from 38.100.21.0/24 38.100.22.104/29 38.100.22.112/28 38.100.22.128/26 38.100.41.64/26 Deny from panther2.de15.westnic.net Deny from westnic.net Deny from 46.105.100.220 Deny from 69.174.245.163 Deny from 193.150.120.30 Deny from 118.112.220.253 Deny from 195.117.114.106 Deny from 96.228.219.146 Deny from 201.11.66.5 Deny from 180.139.103.56 Deny from 177.128.120.15 Deny from 23.22.48.146 Deny from 37.18.240.65 Deny from 96.48.112.11 Deny from 201.6.102.47 Deny from 23.20.45.36 Deny from 50.57.66.207 Deny from 124.202.143.250 Deny from 190.210.94.108 Deny from 88.47.191.103 Deny from 27.22.161.200 Deny from 178.21.118.229 Deny from 139.179.10.211 Deny from 103.245.152.83 Deny from 68.68.162.133 Deny from 220.113.8.111 Deny from 211.115.89.124 Deny from 60.251.100.120 Deny from 37.139.50.100 Deny from 190.193.101.39 Deny from 87.110.24.170 Deny from 110.77.240.252 Deny from 201.11.66.5 Deny from 189.170.41.196 Deny from 157.55.32.237 Deny from 121.205.249.182 Deny from 115.87.43.65 Deny from 110.77.141.116 Deny from 77.121.132.79 Deny from 67.52.118.42 Deny from 78.84.29.242 Deny from 61.31.162.84 Deny from 138.91.184.123 Deny from 103.7.59.78 Deny from 186.9.15.63 Deny from 94.26.18.183 Deny from 186.9.15.63 Deny from 183.234.96.112 Deny from 140.112.54.153 Deny from 200.6.157.174 Deny from 87.213.11.165 Deny from 109.236.25.110 Deny from 140.117.176.115 Deny from 219.68.172.27 Deny from 80.82.65.57 Deny from 180.139.103.56 Deny from 176.106.74.182 Deny from 114.34.19.63 Deny from 125.24.174.6 Deny from 61.208.191.236 Deny from 92.108.48.17 Deny from 114.47.175.114 Deny from 207.150.188.54 Deny from 186.10.4.24 Deny from 111.73.45.204 Deny from 221.208.168.183 Deny from 103.248.22.134 Deny from 137.135.13.28 Deny from 213.88.17.115 Deny from 175.99.86.37 Deny from 120.107.149.73 Deny from 125.231.60.241 Deny from 23.22.48.146 Deny from 190.36.227.147 Deny from 84.91.208.208 Deny from 199.168.136.160 Deny from 121.254.68.1 Deny from 200.44.159.116 Deny from 186-103-144-130 Deny from 202.46.53.68 Deny from 119.63 Deny from 120.110.7.10 Deny from 159.0.21.101 Deny from ctinets.com Deny from 119.63.193.195 Deny from 119.63. Deny from 118.37.244.222 Deny from cnsat.com.cn Deny from 200.98.140.147 Deny from clouduol.com.br Deny from clouduol.com Deny from ptr.cnsat.com.cn # Removed Schlund US, including SIM.ORG from the exploited servers list on Jan 20, 2009 allow from 82.165.128.0/17 85.10.209.128/27 ####################################################### # We occasionally move some of the individual proxy IP addresses into the Exploited Servers list, as their host's CIDR is confirmed as not belonging to an ISP. # The IP addresses in this blocklist belong to various types of web hosting companies, server farms and datacenters. # Add other blocked domain names or IP addresses here, starting with "deny from " without quotes # If you find that you need to poke a hole in the blocklist for legitimate visitors, follow this example: allow from 123.456.789.0 # Add "allow from" IP addresses, or CIDR Ranges, after all of the "deny from" items, just before the closing Files tag. # Everything not included within these deny from ranges is PERMITTED by the allow portion of the directive. # If some or all of your own webpages are 403'd by this blocklist, place your server's IP address(es)s after "allow from" below, then remove the comment before it. # allow from 75.160.145.122 allow from 75.160.145.122 ## FORCE FILE TO DOWNLOAD INSTEAD OF APPEAR IN BROWSER # http://www.htaccesselite.com/addtype-addhandler-action-vf6.html AddType application/octet-stream .mov .mp3 .zip ## LIMIT UPLOAD FILE SIZE TO PROTECT AGAINST DOS ATTACK #bytes, 0-2147483647(2GB) LimitRequestBody 102400 ## Block common exploit requests with 403 Forbidden. These can help alot, may break some plugins. [403] #RewriteEngine on # Allow only GET and POST verbs #RewriteCond %{REQUEST_METHOD} !^(GET|POST)$ [NC,OR] # Ban Typical Vulnerability Scanners and others # Kick out Script Kiddies RewriteCond %{HTTP_USER_AGENT} ^(java|curl|wget).* [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^.*(libwww-perl|curl|wget|python|nikto|wkito|pikto|scan|acunetix).* [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^.*(winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner).* [NC,OR] RewriteRule ^.*$ http://english-61925045732.spampoison.com [R,L] # Ban Search Engines, Crawlers to your administrative panel # No reasons to access from bots # Ultimately Better than the useless robots.txt # Did google respect robots.txt? # Try google: intitle:phpMyAdmin intext:"Welcome to phpMyAdmin *.*.*" intext:"Log in" -wiki -forum -forums -questions intext:"Cookies must be enabled" #RewriteCond %{HTTP_USER_AGENT} ^.*(AdsBot-Google|ia_archiver|Scooter|Ask.Jeeves|Baiduspider|Exabot|FAST.Enterprise.Crawler|FAST-WebCrawler|www\.neomo\.de|Gigabot|Mediapartners-Google|Google.Desktop|Feedfetcher-Google|Googlebot|heise-IT-Markt-Crawler|heritrix|ibm.com\cs/crawler|ICCrawler|ichiro|MJ12bot|MetagerBot|msnbot-NewsBlogs|msnbot|msnbot-media|NG-Search|lucene.apache.org|NutchCVS|OmniExplorer_Bot|online.link.validator|psbot0|Seekbot|Sensis.Web.Crawler|SEO.search.Crawler|Seoma.\[SEO.Crawler\]|SEOsearch|Snappy|www.urltrends.com|www.tkl.iis.u-tokyo.ac.jp/~crawler|SynooBot|crawleradmin.t-info@telekom.de|TurnitinBot|voyager|W3.SiteSearch.Crawler|W3C-checklink|W3C_Validator|www.WISEnutbot.com|yacybot|Yahoo-MMCrawler|Yahoo\!.DE.Slurp|Yahoo\!.Slurp|YahooSeeker).* [NC] #RewriteRule .* - [F] #RewriteCond %{REQUEST_URI} !^/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/|cgi-bin/).* [NC] #RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ ///.*\ HTTP/ [NC,OR] #RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*\?\=?(http|ftp|ssl|https):/.*\ HTTP/ [NC,OR] #RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*\?\?.*\ HTTP/ [NC,OR] #RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*\.(asp|ini|dll).*\ HTTP/ [NC,OR] #RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*\.(htpasswd|htaccess|aahtpasswd).*\ HTTP/ [NC] #RewriteRule .* - [F,NS,L] </Files> # This prevents web browsers or spiders from seeing your .htaccess directives: <Files .htaccess> deny from all </Files> Quote Link to comment Share on other sites More sharing options...
meows Posted May 1, 2014 Report Share Posted May 1, 2014 here is a suggested htaccess from wordpress Hardening WordPress with .htaccess DreamHost httpd.conf ? htaccess-file example August 12, 2008 by Charles Torvalds 1 Comment # Place a .htaccess file in each directory you want to protect. ######################################################################## # SECURITY / ACCESS CONTROL # # If the web server's AllowOverride allows AUTHCONFIG to be overridden # ######################################################################## # # Save both .htpasswd and .htgroup files in a directory above "documentroot" directory # (e.g. not in or below /apache/htdocs) but could be below "serverroot" directory # (e.g. below /apache). # This will pop-up a user/password dialog box saying Realm = AuthName "Restricted Area" # AuthType is normally basic. Not very secure until "Digest" type becomes prevalent AuthType basic # If value of AuthUserFile doesn't begin with a slash, it is treated as # relative to the ServerRoot (not DocumentRoot!) AuthUserFile "/userhome/blahBlah/.htpasswd" AuthGroupFile "/userhome/blahBlah/.htgroup" # Each line of the user file contains a username followed by a colon, followed by the crypt() # encrypted password. The behavior of multiple occurrences of the same user is undefined. # You can generate a password file on your system by typing commands on the OS prompt as follows: # htpasswd -c Filename username # Creates a password file 'Filename' with 'username' # # as the first user. It will prompt for the new password. # htpasswd Filename username2 # Adds or modifies in password file 'Filename' the 'username2'. # # Each line of the group file contains a groupname followed by a colon, followed by # the member usernames separated by spaces. For example, put this on one line in the .htgroup file: # mygroup: bob joe anne # This set to off will forward a not-found userid to the next-in-line module for authentication. # 'On' is the default It is better that way. #AuthAuthoritative off # Now, we allow specific users or groups to get in. # require user joe john mary require valid-user require group family friends # More Authentication related, rarely used # AuthDBGroupFile # AuthDBUserFile # AuthDBAuthoritative # AuthDBMGroupFile # AuthDBMUserFile # AuthDBMAuthoritative # AuthDigestFile # AuthDigestGroupFile # AuthDigestQop # AuthDigestNonceLifetime # AuthDigestNonceFormat # AuthDigestNcCheck # AuthDigestAlgorithm # AuthDigestDomain # Using Digest Authentication ############################################################################### # From here on, if something is not working as you might expect, try to make sure that # the corresponding AllowOverride is enabled in , or sections # of server configuarion files (generally httpd.conf, can be access.conf or srm.conf). # Allowoverride could be: # 1. AuthConfig (allows AuthName, AuthUserFile, require etc. in .htaccess file) # 2. FileInfo (allows AddType, DefaultType, ErrorDocument etc. in .htaccess file) # 3. Indexes (allows DirectoryIndex, FancyIndexing, IndexOptions etc. in .htaccess file) # 4. Limit (allows use of allow, deny and order directives which control access by host) # 5. Options (allows use of options directive in .htaccess file - see below) # 6. All (allows all of the above in .htaccess file. Rare) # 7. None (allows none of the above in .htaccess file. Rare) # Usually, AuthConfig is allowed. Rest is up to the particular web host company. # # If you get server errors after putting this file in, try disabling # each section below one-by-one to see what your web hosting company # allows (or you can ask them ############################################################################### ###################################################################### # If the web server's AllowOverride allows FILEINFO to be overridden # ###################################################################### # CookieTracking, AddType, DefaultType, AddHandler, Action, ErrorDocument # Redirect, Redirectmatch, RedirectPermanent, RedirectTemp # AddEncoding, AddCharset, AddLanguage, LanguagePriority, DefaultLanguage #### Comment it out if UserTrack module is not loaded in the server #CookieName "woiqatty" #CookieTracking on # Tweak mime.types without actually editing it, or make certain files to be certain types. #AddType application/x-httpd-php3 .phtml AddType application/x-httpd-php3 .php AddType application/x-httpd-php3 .php3 AddType application/x-httpd-php3-source .phps AddType application/x-tar .tgz # In this directory, default filetype is this one if Server cannot # otherwise determine from filename extensions. # Mostly text or HTML - "text/plain", gif images - "image/gif", # compiled porgrams - "application/octet-stream" DefaultType text/plain # DefaultType image/gif # DefaultType application/octet-stream ################### THIS IS IMPORTANT! ##################### # AddHandler allows you to map certain file extensions to "handlers", # actions unrelated to filetype. These can be either built into the server # or added with the Action command (see below). # If you want to use server side includes, or CGI outside # ScriptAliased directories, uncomment the following lines. # To use CGI scripts: AddHandler cgi-script cgi pl # To use server-parsed HTML files AddType text/html .shtml AddHandler server-parsed .shtml # Example of a file whose contents are sent as is so as to tell the client that a file has redirected. # # Server always adds a Date: and Server: header to the data returned to the client, # so don't include these in the file. #AddHandler send-as-is asis # If you wish to use server-parsed imagemap files, use AddHandler imap-file map # For content negotiation use #AddHandler type-map var # Action lets you define media types that will execute a script whenever # a matching file is called. This eliminates the need for repeated URL # pathnames for oft-used CGI file processors. # Format: Action action-type cgi-script # Format: Action media/type /cgi-script/location # Format: Action handler-name /cgi-script/location #Action cgi-script /cgi-bin/default.cgi # Redirect [status] ABSOLUTE-path-of-old-url new-url. Default status is temp. # Status is one of permanent (returns 301), temp (returns 302), # seeother (returns 303, see other document in same place), # gone (returns 410, no longer available at all) - Don't specify new-URL # Here, if the client requests http://myserver/service/foo.txt, it will be told # to access http://foo2.bar.com/service/foo.txt instead. #Redirect /service http://foo2.bar.com/service # Customizable error response. Three styles: # 1. Plain Text - the (") marks it as text, it does not get output #ErrorDocument 500 "The server made a boo boo. # 2. Local Redirects - e.g. To redirect to local URL /missing.html #ErrorDocument 404 /missing.html #ErrorDocument 404 /cgi-bin/missing_handler.pl # 3. External Redirects (All env. variables don't go to the redirected location) #ErrorDocument 402 http://some.other_server.com/subscription_info.html # Mosaic/X 2.1+ browsers can uncompress information on the fly AddEncoding x-compress Z AddEncoding x-gzip gz tgz #Content negotiation directives #AddLanguage fr .fr # Just list the languages in decreasing order of preference. LanguagePriority en fr it ###################################################################### # If the web server's AllowOverride allows INDEXES to be overridden # ###################################################################### # DirectoryIndex, ExpiresActive, ExpiresByType, ExpiresDefault # ImapBase, ImapDefault, ImapMenu # FancyIndexing, IndexOptions, IndexOrderDefault, IndexIgnore, HeaderName, ReadmeName # AddDescription, AddAlt, AddAltByEncoding, AddAltByType # AddIcon, AddIconByEncoding, AddIconByType, DefaultIcon # Default file to send to the client if none specified. # Separate multiple entries with spaces. # If none of these files exists in a directory, a directory listing may # be returned depending on Options Indexes setting. DirectoryIndex index.html index.htm index.shtml index.php index.php3 index.pl index.cgi /cgi-bin/index.cgi # Must enable expirations to use other expire directives #ExpiresActive on # 'M' means that the file's last modification time should be used as the base time # 'A' means the client's access time should be used as base time #ExpiresDefault M604800 # Expire GIF images after a month in the client's cache #ExpiresByType image/gif A2592000 # HTML documents are good for a week from the time they were changed, period #ExpiresByType text/html M604800 #ExpiresByType text/html "access plus 1 month 15 days 2 hours" #ExpiresDefault "modification plus 5 hours 3 minutes" #ExpiresByType text/html "now plus 1 month 15 days 2 hours" # ImapMenu can be none, formatted, semiformatted, unformatted ImapMenu semiformatted # ImapDefault can be error, nocontent, map, referer, or some useful URL. # The .map file overrides this. ImapDefault map # ImapBase can be map, referer, URL. The .map file overrides this. ImapBase referer ############## THIS HERE IS NOT TOO IMPORTANT! ################### # Apache version dependent. If Options indexes is allowed, Server will behave as follows: #IndexOptions FancyIndexing FoldersFirst NameWidth=* DescriptionWidth=* #IndexOptions FancyIndexing NameWidth=* #IndexOptions +IconHeight=20 +IconWidth=20 +IconsAreLinks #IndexOptions +ScanHTMLTitles #IndexOptions +SuppressColumnSorting #IndexOptions +SuppressDescription #IndexOptions +SuppressLastModified #IndexOptions +SuppressSize #IndexOptions SuppressHTMLPreamble # Sort by Name, Date, Size, or Description? Default is name. #IndexOrderDefault Ascending Name # Don't list these files #IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t # Server .conf should already have set these up. You should only set # the missing ones in .htaccess files (if you ever find out) #AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip #AddIconByType (TXT,/icons/text.gif) text/* #AddIconByType (IMG,/icons/image2.gif) image/* #AddIcon /icons/binary.gif .bin .exe #AddIcon /icons/text.gif .txt #AddIcon /icons/uuencoded.gif .uu #AddIcon /icons/hand.right.gif README #AddIcon /icons/folder.gif ^^DIRECTORY^^ #AddIcon /icons/blank.gif ^^BLANKICON^^ # If no file type matches.. #DefaultIcon /icons/unknown.gif #AddDescription "GZIP compressed document" .gz AddDescription "Java class file" .class AddDescription "Java source file" .java AddDescription "Java Server Pages source file" .jsp # Server writes the contents of HeaderName file before the directory listing by adding .html or .txt to the specified name. # Server writes the contents of ReadmeName after the directory listing. # The server looks for the-specified-name.html, then the-specified-name.txt ReadmeName README HeaderName HEADER ############## END OF NOT-TOO-IMPORTANT ################### ###################################################################### # If the web server's AllowOverride allows LIMIT to be overridden # ###################################################################### # order, allow from, deny from, allow from env, deny from env # Controls which domain name or computer host client can get stuff from this server. # No space between allow and deny in order (just comma). allow from all is default #order allow,deny #deny from all #deny from www.yahoo.com #allow from www.yahoo.com # The allow from env directive controls access to a directory by the existence # (or non-existence) of an environment variable. Example: # BrowserMatch ^KnockKnock/2.0 let_me_in # # order deny,allow # deny from all # allow from env=let_me_in # ###################################################################### # If the web server's AllowOverride allows OPTIONS to be overridden # ###################################################################### # Options, XBitHack, CheckSpelling, Example - in order of importance # Options: # ExecCGI - Execution of CGI scripts is permitted # FollowSymLinks - Server will follow symbolic links in this directory # SymLinksIfOwnerMatch - Server follows sym links if target file/dir owned by the same user id as the link # Includes - Server-side includes are permitted # IncludesNOEXEC - Server-side includes permitted, #exec and #include of CGI scripts are disabled # Indexes - Lists directory if no index file is found # MultiViews - Content negotiated MultiViews are allowed. # Note that "MultiViews" must be named *explicitly* --- "Options All" doesn't give it to you. # This here resets any previous settings # Options IncludesNOEXEC MultiViews Options Includes MultiViews # Or, add/subtract from prior options #Options +Indexes -Includes # To disable execution of SSI and CGI in this directory #Options -Includes -IncludesNOEXEC -ExecCGI # Checks "user" execute permission on file. If yes, executes it as SSI. # Then, no need for special file extension .shtml XBitHack on # Matches document(s) if maximum one spelling mistake # CheckSpelling on #Example directive is Apache API related for Apache programmers ###################################################################### # The following do not depend on AllowOverride setting at all # # These are either always available or need a loaded module # ###################################################################### # Generally available: # Satisfy, ServerSignature, LimitRequestBody # ... , ... # ... , ... # ... , ... # ForceType, SetHandler, RemoveHandler, AddDefaultCharset # Optionally installed modules: # CookieName, Header # Satisfy any is used to password restrict an area, but to let clients from particular # addresses as defined in 'allow from' to get in without prompting for a password. Default is "all" #Satisfy any # Access control by file name in a directory where .htaccess file is placed: # The following lines prevent .htaccess files from being viewed by # Web clients. Since .htaccess files often contain authorization # information, access is disallowed for security reasons. Comment # these lines out if you want Web visitors to see the contents of # .htaccess files. If you change the AccessFileName directive above, # be sure to make the corresponding changes here. order allow,deny deny from all # Can use reg exp instead of line below. # # order allow,deny # allow from all # # Optionally add a line containing the server version and virtual host # name to server-generated pages (error documents, FTP directory listings, # mod_status and mod_info output etc., but not CGI generated documents). # Set to "EMail" to also include a mailto: link to the ServerAdmin. #ServerSignature On #ServerSignature EMail # Specify cookie name to be used if CookieTracking is set to on. Needs mod_usertrack installed. # I specify this up in FileInfo overriding # CookieName "woiqatty" # To control denial-of-service attacks LimitRequestBody 3000000 # For documents served through this directory, modify headers as follows: # Can also be set, add. Mod_header not generally available. #Header append Author "V. Singla" #Header unset Author ################# For Apache Windows version only ###################### # use this to specify whether Apache should search windows registry # or the #! line of the called script itself for interpreter name and location. #ScriptInterpreterSource script # Tries to match the called file's extension in registry (e.g. search registry for .pl or .cgi) #ScriptInterpreterSource registry ############ END OF .htaccess FILE ############# .htaccess & php .htaccess always add www .htaccess dynamic directories .htaccess mod rewrite .htaccess rewrite mask external link .htaccess rewrite rule .htaccess url rewrite apache askapache authority bb code tags bbcode to html php script bilingual bilingual multilingual apache web development askapache blog blogging bsd cache comment out htaccess development disable external referrer to pages htaccess dreamhost engine example FastCGI ffmpeg hacking hacking htaccess header how much does mod rewrite htaccess htaccess php include htaccess rewrite htaccess rewrite explained htaccess rewrite rule options htaccess rewrite url htaccess rewrite ~without slash htaccess tips htaccess tips tricks htaccess www httpd.conf ip range htaccess deny from"" javascript linux mod rewrite php to htm mod_rewrite multilanguage multivies php sample .htpasswds php session length .htaccess php url rewrite prefetch prefetching programming redirect redirect htaccess remove index.htm review rewrite .htaccess rewriteengine on rewriterule rewriterule htaccess rewrite the w3c validation link to work without query s rewrite url .htaccess scripting search security SEO shell short url + htaccess ssl suexec tutorials unix W3C wordpress Blog at WordPress.com. Now v hosts strongly advise starting simple.. then expand with other rules. this works for me.<VirtualHost *:80> ServerAdmin meows@techie.com DocumentRoot "C:\UniServerZ\ww78" ServerName 78ez.com #ServerName localhost:80 ServerAlias www.78ez.com ErrorLog "logs/78ez-error.log" CustomLog "logs/78ez-access.log" combined <Directory "C:\UniServerZ\ww78">Options Indexes IncludesAllowOverride AllRequire all granted</Directory><FilesMatch "^\.ht"> Order allow,deny Deny from all </FilesMatch><IfModule dir_module> DirectoryIndex index.php index.cgi index.html index.htm</IfModule></VirtualHost> PS,, just a thought,, MOVE all htaccess files to a empty directory,,,reboot and I bet your web site works.. If it does notuse., # in front of all REWRITE commands# BEGIN WordPressRewriteEngine OnRewriteBase /RewriteRule ^index\.php$ - [L]# add a trailing slash to /wp-adminRewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]RewriteCond %{REQUEST_FILENAME} -f [OR]RewriteCond %{REQUEST_FILENAME} -dRewriteRule ^ - [L]RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]RewriteRule . index.php [L]# END WordPress final note, having been doing this for over 30 years,, I always start simple.. just enough to get a site running,, with a default screen,, Uniformserver does that for us..then add the base word press,, It will run without any changes on almost all boxes,, then start customizing or what ever you want to do with it. Quote Link to comment Share on other sites More sharing options...
hawkesley Posted May 1, 2014 Author Report Share Posted May 1, 2014 Thanks all. I will try these suggestions. Quote Link to comment Share on other sites More sharing options...
hawkesley Posted May 2, 2014 Author Report Share Posted May 2, 2014 I have taken another look at my config files.What I had not been looking at was the httpd-vhosts.confThis file has the folowing ## Virtual Hosts## If you want to maintain multiple domains/hostnames on your# machine you can setup VirtualHost containers for them. Most configurations# use only name-based virtual hosts so the server doesn't need to worry about# IP addresses. This is indicated by the asterisks in the directives below.## Please see the documentation at# <URL:http://httpd.apache.org/docs/trunk/vhosts/># for further details before you try to setup virtual hosts.## You may use the command line option '-S' to verify your virtual host# configuration.## Use name-based virtual hosting.##--US_START--------------Do not remove#--US_END----------------Do not remove## VirtualHost example:# Almost any Apache directive may go into a VirtualHost container.# The first VirtualHost section is used for all requests that do not# match a ServerName or ServerAlias in any <VirtualHost> block.## First Virtual Host must be a shallow duplicate of the main host# in httpd.conf<VirtualHost _default_:80> DocumentRoot C:/UniServer/www ServerName localhost ErrorLog "logs/error.log" CustomLog "logs/access.log" common</VirtualHost><VirtualHost *:80> ServerAdmin webmaster@hawkesleypublishingsolutions.com DocumentRoot C:/UniServer/www/hawkesleypublishingsolutions ServerName hawkesleypublishingsolutions.com ServerAlias www.hawkesleypublishingsolutions.com *.hawkesleypublishingsolutions.com ErrorLog logs/hawkesleypublishingsolutions.com-error.log CustomLog logs/hawkesleypublishingsolutions.com-access.log common<Directory "C:\UniServer\www\hawkesleypublishingsolutions"> Options Indexes Includes AllowOverride All Require all granted</Directory></VirtualHost> Should there be a similar entry for my other site somewhere4u. This site works fine but the file are inC:/UniServer/www not in a folder. Is this what is causing the forbidden?I have implemented some of the suggestions for htaccess and am working my way through them. Quote Link to comment Share on other sites More sharing options...
meows Posted May 4, 2014 Report Share Posted May 4, 2014 Should there be a similar entry for my other site somewhere4u. This site works fine but the file are inC:/UniServer/www not in a folder. Is this what is causing the forbidden?I have implemented some of the suggestions for htaccess and am working my way through them.site somewhere4u is supposed to be in it's OWN root folder if it is a Virtual server Quote Link to comment Share on other sites More sharing options...
hawkesley Posted May 4, 2014 Author Report Share Posted May 4, 2014 Thanks Quote Link to comment Share on other sites More sharing options...
hawkesley Posted May 5, 2014 Author Report Share Posted May 5, 2014 I now have somewhere4u in a folder in a the root www and I now get a 403 forbidden on that two.I configured the virtual host using the apache panel the same as before.The https-vhosts,conf has both entries there.I can't see how to fix this. Quote Link to comment Share on other sites More sharing options...
hawkesley Posted May 22, 2014 Author Report Share Posted May 22, 2014 Hi AllI am still having no luck with my virtual host.Please can some one advise.I started again and set up a new uniform server Uniserver2 and configured two vital hosts in the Coral 6.8.9 panel. Both sites are their own directory in wwwMy server is on port 80The ,htaccess in www isht access in www#------------------------------------------------------------------------------# Server root folder www .htaccess# This file provides server security limiting access to the localhost only.# Comment next four lines to deactivate. (Allows external access)#------------------------------------------------------------------------------Order Deny,AllowDeny from allAllow from 127.0.0.1Allow from ::1#------------------------------------------------------------------------------# To allow execution of cgi scripts in this directory uncomment next two lines.#------------------------------------------------------------------------------AddHandler cgi-script .pl .cgiOptions +ExecCGI +FollowSymLinks#------------------------------------------------------------------------------# Activate this section to use the Private Server Feature!# Defaults: Username - root; Password - root# Note AuthUserFile: File path is relative to server root# To lock server, uncomment the next 4 lines. (A name and password is required)#------------------------------------------------------------------------------#AuthName "Uniform Server - Server Access"#AuthType Basic#AuthUserFile ../../../htpasswd/www/.htpasswd#Require valid-user The virtual host file has# First Virtual Host must be a shallow duplicate of the main host# in httpd.conf<VirtualHost _default_:80> DocumentRoot C:/UniServer2/www ServerName localhost ErrorLog "logs/error.log" CustomLog "logs/access.log" common</VirtualHost><VirtualHost *:80> ServerAdmin webmaster@somewhere4u.com DocumentRoot C:/UniServer2/www/somewhere4u ServerName somewhere4u.com ServerAlias www.somewher4u.com *.somewhere4u.com ErrorLog logs/somewhere4u.com-error.log CustomLog logs/somewhere4u.com-access.log common<Directory "C:\UniServer2\www\somewhere4u"> Options Indexes Includes AllowOverride All Require all granted</Directory></VirtualHost><VirtualHost *:80> ServerAdmin webmaster@hawkesleypublishingsolutions.com DocumentRoot C:/UniServer2/www/hawkesleypublishingsolutions ServerName hawkesleypublishingsolutions.com ServerAlias www.hawkesleypublishingsolutions.com *.hawkesleypublishingsolutions.com ErrorLog logs/hawkesleypublishingsolutions.com-error.log CustomLog logs/hawkesleypublishingsolutions.com-access.log common<Directory "C:\UniServer2\www\hawkesleypublishingsolutions"> Options Indexes Includes AllowOverride All Require all granted</Directory></VirtualHost>Thank you. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.