Apache can let this configuration with these codes
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from my-ip-address:no-port#
</Location>
<Location /server-info>
SetHandler server-info
Order deny,allow
Deny from all
Allow from my-ip-address-no-port
</Location>
How can I do that in Jetty ?
For example, in jetty-http.xml , this code disable to see server version
<Set name="sendServerVersion">false</Set>
Jetty version is
9.2.15.v20160210
Related
I am unable to access phpmyadmin in my server. I'm getting Forbidden.
Os version : Red Hat Enterprise Linux Server release 7.3 (Maipo)
I have checked answers in stackoverflow but, I'm unable to resolve my issue.
I installed phpmyadmin using command line.
running phpmyadmin Version information: 4.5.4.1
I have modified values in /etc/httpd/conf.d/phpMyAdmin.conf
My server is running on Amazon Web Services free tier.
here is the content present in phpMyAdmin.conf
Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin
<Directory /usr/share/phpMyAdmin/>
AddDefaultCharset UTF-8
# <IfModule mod_authz_core.c>
# Apache 2.4
# <RequireAny>
# Require ip 127.0.0.1
# Require ip ::1
# </RequireAny>
# </IfModule>
# <IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
# Deny from All
Allow from all
# Allow from 127.0.0.1
# Allow from ::1
# AllowOverride all
# Require all granted
# </IfModule>
</Directory>
<Directory /usr/share/phpMyAdmin/setup/>
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Require ip ::1
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from ::1
</IfModule>
</Directory>
<Directory /usr/share/phpMyAdmin/libraries/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/lib/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/frames/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
can you tell me what version of apache you are using apache 2.4 or apache 2.2 .
assuming 2.4
add to you httpd.conf
<Directory /usr/share/phpmyadmin>
Options FollowSymLinks
DirectoryIndex index.php
AllowOverride All
</Directory>
your below settings is restricting your access from browser .
Order Deny,Allow
Deny from All
Allow from ::1
Restart your httpd (apache)
I have a problem with Django application under Apache and mod_uwsgi behind Elastic Load Balancer.
Application work fine when accessing by IP or Domain Name, but if i setting ELB in front of it, Django Application stop working, i have only static files(which server by apache) and 502 BAD GATEWAY error in browser and no errors at all on the server, when trying to access Django application.
UWSGI config:
[uwsgi]
socket = /tmp/uwsgi.sock
pidfile = /var/run/uwsgi.pid
Httpd Config:
<Location / >
SetHandler uwsgi-handler
uWSGISocket /tmp/uwsgi.sock
</Location>
<Location /static >
SetHandler default-handler
</Location>
<Location /static/admin/ >
SetHandler default-handler
</Location>
<Location /media >
SetHandler default-handler
</Location>
<Location /downloads/ >
SetHandler default-handler
</Location>
<Directory /home/www/sources/my_project/project/static >
Order deny,allow
Allow from All
</Directory>
#The rest directories also declared
Replaced mod_uwsgi with mod_proxy_uwsgi - works better
I am trying to create a small django site and use iRedMail for e-mail. I installed iRedMail first, and ensured that it worked. I could go to both www.domain.com/iredadmin and www.domain.com/mail and have it work perfectly. My next step was to install my django site and configure Apache. Unfortunately, this caused my django site to try and handle /mail/ and /iredadmin/. I've been fidgeting with the config for a few hours now and have no idea what to do. Here are the settings:
apache2.conf:
# Defaults...
WSGIPythonPath /path/to/website.com/website
sites-enabled/website.com:
<VirtualHost *:80>
ServerName website.in
ServerAlias www.website.in
ErrorLog ${APACHE_LOG_DIR}/error.log
Alias /static /path/to/website.com/website/static
Alias /media /path/to/website.com/website/media
Alias /mail /usr/share/apache2/roundcubemail/
Alias /admin /usr/share/apache2/iredadmin/
<Directory /usr/share/apache2/roundcubemail/>
Order allow,deny
Allow from all
</Directory>
WSGIScriptAlias / /path/to/website.com/website/website.wsgi
<Location "/">
SetHandler python-program
PythonHandler django.core.handlers.modpython
SetEnv DJANGO_SETTINGS_MODULE website.settings
PythonDebug Off
PythonPath "['/path/to/website.com/website/']+sys.path"
</Location>
<Directory /path/to/website.com/website>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
<Directory /path/to/website.com/website/static>
Order allow,deny
Allow from all
</Directory>
<Location /static/>
SetHandler None
</Location>
<Directory /path/to/website.com/website/media>
Order allow,deny
Allow from all
</Directory>
<Location /media/>
SetHandler None
</Location>
</VirtualHost>
The django website displays fine, although I have been getting internal server errors.
You are trying to use both mod_wsgi and mod_python to handle the Django site at the same time, with mod_python overriding mod_wsgi. Choose one of the other. Since mod_python is no longer developed or supported and support for it in Django deprecated, probably not a good option to keep using it.
The next thing which is wrong is:
Alias /mail /usr/share/apache2/roundcubemail/
Alias /admin /usr/share/apache2/iredadmin/
Remove the trailing slashes:
Alias /mail /usr/share/apache2/roundcubemail
Alias /admin /usr/share/apache2/iredadmin
Even then it will still not work, because when using mod_python you have to tell mod_python not to handle those paths.
<Location /mail/>
SetHandler None
</Location>
<Location /admin/>
SetHandler None
</Location>
A further problem you may have is that /admin is usually used for the Django admin interface and you are overriding that.
I have this configuration in at the end of my httpd.conf:
<Location "/">
SetHandler python-program
PythonHandler django.core.handlers.modpython
SetEnv DJANGO_SETTINGS_MODULE myapp.settings
PythonOption django.root /
PythonDebug On
PythonPath "['/my/path] + sys.path"
</Location>
This allows my application to startup, but the static files are not being served. I was thinking of adding something like this:
<Location "/site_media">
# what to add here?
</Location>
And tell Apache to serve files from /site_media/... from /my/path/myapp/media. However, I cannot find a way to make the connection between /site_media and the actual path to my media directory. Could you guide me?
EDIT: I added this to httpd.conf:
Alias /site_media /my/path/myapp/media
<Directory /my/path/myapp/media>
Order allow,deny
Allow from all
</Directory>
<Location "/site_media">
</Location>
But, Apache still gives me 404 errors. I also tried to add a SetHandler None inside the /site_media/ location element, but I still receive the same 404 error codes.
Alias, but read the full section.
Is it possible to deploy a Django app on Apache + mod_wsgi (the standard way) but with HTTP authentication in front of the whole thing?
Basically, I need an extra layer of HTTP security before any user, Django-authenticated or anonymous, is even able to reach the app.
Is this possible? If so, where do the Apache auth directives go?
Yes, it's possible.
With mod_wsgi on /, any resources to be provided by apache need to be listed as aliases.
Auth directives and host restrictions live in Location directives.
So I've disabled any apache access restrictions on things like css, and provided host/ip based access to another directory.
<VirtualHost *:80>
Servername app.domain.example
CustomLog logs/access_log combined
ErrorLog logs/error_log
DocumentRoot "/home/app/apache/app/html"
Alias /media/ /home/app/apache/app/html/media/
<Location />
Options None
AuthType Basic
AuthName "Login Prompt"
AuthUserFile /path/to/passwd.file
Require valid-user
</Location>
<Location /media>
Order allow,deny
Allow from all
Satisfy any
</Location>
WSGIDaemonProcess app user=app group=app processes=5 threads=1 display-name=app_WSGI
WSGIProcessGroup app
WSGIScriptAlias / /home/app/apache/app.wsgi
</VirtualHost>
Sure, here is example from one site:
<VirtualHost *:80>
ServerName djangoproject.domain.biz
DocumentRoot "/home/user/websites/djangoproject/website/"
WSGIDaemonProcess djangoproject python-path=/home/user/.virtualenvs/djangoproject/lib/python2
.6/site-packages/ user=user group=user threads=1
WSGIProcessGroup djangoproject
WSGIScriptAlias / /home/user/websites/djangoproject/website/django.wsgi
<Directory "/home/user/websites/djangoproject/website/">
Order deny,allow
Allow from all
AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /etc/apache2/passwords
Require valid-user
</Directory>
</VirtualHost>