you don't have permission to access [custom alias] on this server - wamp

can anyone help with a following issue:
I am using wamp to run projects in my chrome browser.
after adding a newAlias which points to my project directory c:/dev/myProject
I am getting Forbidden message: you don't have permission to access /newAlias on this server.
I can access default Aliases such as phpmyadmin, webgrind...
but i cannot access my own.
I am using WampServer Version 2.5 64bit on Win 8.1 64bit located in c:/wamp.
I tried basic stuff from the net but with no luck.
Any suggestions?
Edit: content of newAlias:
Alias /bs1/ "c:/_DEV_/git/NewProject/www/"
<Directory "c:/_DEV_/git/NewProject/www/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
Allow from all
</Directory>

Dont change that section of your httpd.conf. Those few lines control access to the root folder of the drive that Apache is installed on. So you just gave full access to anybody with a handy hack.
The process of securing the access via Apache is to deny all access to everything from the root folder and below, and then selectively allow access for specific sites to specific areas/folders of the drive.
A better solution would be to change httpd.conf back to how it was and make the change in your Alias definition. Like this :-
Alias /bs1 "c:/_DEV_/git/NewProject/www/"
<Directory "c:/_DEV_/git/NewProject/www/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require local <-- to develop on this PC
Require ip 192.168.1 <-- to access the server from another PC on your network
Require all granted <-- to allow the world to see the beauty of your site
</Directory>
It is actually a better idea to use Virtual Hosts to control each site and not Alias's.
Here is a why and Howto :- WAMPServer 2.5 The Homepage, Your Projects Menu and the need for Virtual Hosts

I've updated WAMP from 2.2.22 to 2.4.9 and found that new aliases didn't work (same error message as yours).
Checking the default aliases like phpmyadmin, I've found this:
Alias /phpmyadmin "c:/wamp/apps/phpmyadmin4.1.14/"
# to give access to phpmyadmin from outside
# replace the lines
#
# Require local
#
# by
#
# Require all granted
#
<Directory "c:/wamp/apps/phpmyadmin4.1.14/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
<IfDefine APACHE24>
Require local
</IfDefine>
<IfDefine !APACHE24>
Order Deny,Allow
Deny from all
Allow from localhost ::1 127.0.0.1
</IfDefine>
php_admin_value upload_max_filesize 128M
php_admin_value post_max_size 128M
php_admin_value max_execution_time 360
php_admin_value max_input_time 360
</Directory>
If you see the contents of the file you'll notice the <IfDefine APACHE24> and <IfDefine !APACHE24> conditionals. So I've changed my alias .conf file from:
Alias /svn "c:/work/website-svn/"
<Directory "c:/work/website-svn/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
Allow from all
</Directory>
to:
Alias /svn "c:/work/website-svn/"
<Directory "c:/work/website-svn/">
Options Indexes FollowSymLinks MultiViews
Require local
</Directory>
That solved my problem, I hope it solves yours.

I am no expert on this but the answer above seemed like I was granting access to my entire computer...So tried modifying the above answer to only giving access to where my alias folder is...
So instead...Go to the httpd.conf file...and do a search for...
<Directory />
AllowOverride none
Require all denied
</Directory>
and below that add the following
<Directory "c:/path-to-your-alias-folder...">
AllowOverride none
Require all granted
</Directory>
This worked to me and I think it might be a bit safer...Again I am no expert here...Just trying to make it work...

for allow permission for your server & wamp you require 3 steps please ensure these 3 things after that you can access your site from other network with ip address e.g http://192.168.1.1/yoursitefoldername
(192.168.1.1 is you computer or vps ip address "yoursitefoldername" is folder name of your site which should be in your wamp->www folder)
1.
first of all
Port 80 and 443 must be allow for both TCP and UDP packets. To do this, create 2 inbound rules for TPC and UDP on Windows Firewall for port 80 and 443.
(or you can disable your whole firewall for testing but permanent solution if allow inbound rule)
2.
If you are using WAMPServer 3 See bottom of answer
For WAMPServer versions <= 2.5
You need to change the security setting on Apache to allow access from anywhere else, so edit your httpd.conf file.
Change this section from :
# onlineoffline tag - don't remove
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
Allow from localhost
To :
# onlineoffline tag - don't remove
Order Allow,Deny
Allow from all
if "Allow from all" line not work for your then use "Require all granted"
then it will work for you.
WAMPServer 3 has a different method
In version 3 and > of WAMPServer there is a Virtual Hosts pre defined for localhost so dont amend the httpd.conf file at all, leave it as you found it.
Using the menus, edit the httpd-vhosts.conf file.
It should look like this :
<VirtualHost *:80>
ServerName localhost
DocumentRoot D:/wamp/www
<Directory "D:/wamp/www/">
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require local
</Directory>
</VirtualHost>
Amend it to
<VirtualHost *:80>
ServerName localhost
DocumentRoot D:/wamp/www
<Directory "D:/wamp/www/">
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Hopefully you will have created a Virtual Host for your project and not be using the wamp\www folder for your site. In that case leave the localhost definition alone and make the change only to your Virtual Host.
3.
Dont forget to restart All Services of Wamp or Apache after making this change

I found a solution which worked for me.
In httpd.conf i changed:
<Directory />
AllowOverride none
Require all denied
</Directory>
to
<Directory />
AllowOverride none
Require all granted
</Directory>
Which solved the issue and allowed me to access my custom aliases.

I would suggest that you consider setting up virtual hosts instead. It takes a few more minutes, but it's more bulletproof. RiggsFolly's answer to a similar question is excellent in its detail, rigor, and utility:
Project Links do not work on Wamp Server

Related

WAMP icon colors

I'm running Wamp 3.0.0 64bit on Windows 10. In past versions the icon was either red, orange or green depending on status. Now the green version has a red dot in it, and the background color is pale yellow rather than clear as it is on the red and orange versions.
Does anyone know the significance of the background color or the red dot?
It seems I gave you some wrong advice above in my comments.
The icon you speak about is in fact a new Icon I had forgotten about.
This image indicates that you have set WAMPServer Online i.e. you have used the Online/Offline menu and set Apache to be Online.
NOTE: It is not necessary to have set Apache Online for normal development activity. Online only means that Apache can be accessed by any IP Address in the universe.
In other words when Online the httpd.conf file contains this parameter in the
<Directory "D:/wamp/www/">
section on httpd.conf
# onlineoffline tag - don't remove
Require all granted
when normally it has
# onlineoffline tag - don't remove
Require local
Unless you are actually trying to access your site from the internet it is not required to be Online.
Additional info after clarification
Ok, so if you are just trying to open up to connections from your local network then you have to do this. WAMPServer3 added the use of localhost as a Virtual Host by default. So now you should leave the httpd.conf files as
# onlineoffline tag - don't remove
Require local
Now edit \wamp\bin\apache\apache{version}\conf\extra\httpd-vhost.conf and add your access requirements to that like this
The default is this
<VirtualHost *:80>
ServerName localhost
DocumentRoot c:/wamp/www
<Directory "c:/wamp/www/">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require local
</Directory>
</VirtualHost>
So just add requirements like this
<VirtualHost *:80>
ServerName localhost
DocumentRoot c:/wamp/www
<Directory "c:/wamp/www/">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require local
Require ip 192.168.0.1
Require ip 192.168.0.2
</Directory>
</VirtualHost>
Or add this for any ip in your local network
<VirtualHost *:80>
ServerName localhost
DocumentRoot c:/wamp/www
<Directory "c:/wamp/www/">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require local
Require ip 192.168.0
</Directory>
</VirtualHost>

Forbidden You don't have permission to access /music-server/ on this server

I installed wamp 2.5 and create a new alis name music-server. but when I open http://localhost/ and click on its name in Your Aliases
this error shows:
Forbidden
You don't have permission to access /music-server/ on this server.
Apache/2.4.9 (Win64) PHP/5.5.12 Server at localhost Port 80
content of music-server.conf
Alias /music-server/ "c:/music-server/"
<Directory "c:/music-server/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
Allow from all
</Directory>
alias folder:
The alias definition contains Apache 2.2 syntax when you are using Apache 2.4.
Also the Alias should not have a trailing slash.
So try changing it to this
Alias /music-server "c:/music-server/"
<Directory "c:/music-server/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require local
# Only use if you actually want to be accessible from the universe
#Require all granted
</Directory>

Django, mod_wsgi--daemon mode, 403 Forbidden, works when in /var/www/html

When I move /home/django/mysite to /var/www/html/mysite, and chown -R apache:apache, it works. But leaving in the home directory I get 403 forbidden.
I've literally spent a good 6 hours trying to get this to work. HUGE progress for me to see that it works in /var/www/html, as I know all my "config" settings are correct.
Here is my httpd.conf
(first setting had to add to stop 503 internal server error)
WSGISocketPrefix /var/run/wsgi
<VirtualHost 208.115.206.227:80>
WSGIDaemonProcess django user=django group=django python-path=/home/django/mysite
WSGIProcessGroup django
ServerAdmin webmaster#mktrn.net
ServerName endor.mktrn.net
WSGIScriptAlias / /home/django/mysite/mysite/wsgi.py
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
</Directory>
<Directory /home/django/mysite/mysite>
<Files wsgi.py>
Order allow,deny
Allow from all
</Files>
</Directory>
</VirtualHost>
So again, the above works if I just replace /home/django/mysite, with /var/www/html.
I'm running mod_wsgi as daemon under the user django--so I don't think that is it. What am I doing wrong? I know it's not smart to put in /var/www/html, even if I have no document root, so really want to figure this out!
A home directory such as /home/django would normally not be readable to others and so the user that Apache runs as would not be able to see into that directory and so access would be forbidden. This is why it would work when you move it elsewhere.

How to bring wamp server online?

I have already tried port forwarding through router and also disabled my firewall.
I also edited httpd.conf. There I changed
Listen 80
to
Listen 8080
I also changed ServerName from localhost:80 to <private-ip>:80 i.e 192.168.1.2:80.
Finally I changed to
Order Allow,Deny
Allow from all
in offlineonline tag.
I have DLink DSL-2730U. In that in advanced settings> NAT > external port start 8080 and end 8080> internal port start 8080 and end 8080>Server ip i kept as 192.168.1.2
Then restarted all the sevices i.e both router and wamp.
But still i am unable to access wamp through my public ip which is 59.95.81.56.
It should have been a simple case of left clicking the WAMPManager menu and clicking Put online.
What that would have done is changed this section of httpd.conf from this:
If using Apache 2.2.x
# onlineoffline tag - don't remove
Order Deny,Allow
Deny from all
Allow from 127.0.0.1 ::1 localhost
To this:
# onlineoffline tag - don't remove
Order Allow,Deny
Allow from all
If using Apache 2.4.x
# onlineoffline tag - don't remove
Require local
To this:
# onlineoffline tag - don't remove
Require all granted
And strictly thats all you should have needed to do!
But as you have done some manual messing with httpd.conf here are some things you need to check. I am assuming you wanted to change the port to 8080 rather than thinking you had to for some reason. If you didnt want to change port number to 8080 then use 80 in the following info instead of 8080. Changing to 8080 just makes life more complicated for your users, but if this is just a play site that does not really matter I suppose.
httpd.conf
# as your router probably does not support IPV6 change so apache only listens on IPV4
# you dont need to put the actual ip address of this PC in here as you say you did.
Listen 0.0.0.0:8080
# ServerName port need to match the Listen, your question made me think you may have left this as localhost:80
ServerName localhost:8080
If using Apache 2.2.x
# Assuming your site is in c:\wamp\www ( this section should already exist I just removed all the comments for brevity)
<Directory "d:/wamp/www/">
Options Indexes FollowSymLinks
AllowOverride all
#
# Controls who can get stuff from this server.
#
# onlineoffline tag - don't remove
Order Allow,Deny
Allow from all
</Directory>
If using Apache 2.4.x
# Assuming your site is in c:\wamp\www ( this section should already exist I just removed all the comments for brevity)
<Directory "d:/wamp/www/">
Options Indexes FollowSymLinks
AllowOverride all
#
# Controls who can get stuff from this server.
#
# onlineoffline tag - don't remove
Require from all
</Directory>
If you made the common mistake of changing this section, change it back to this, or you will be giving access to your C:\ to anybody.
If using Apache 2.2.x
<Directory />
Options FollowSymLinks
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
If using Apache 2.4.x
<Directory />
Options FollowSymLinks
Require all denied
</Directory>
I hope something in here makes you stumble upon your mistake or ommission.
EDIT: Additional info
phpMyAdmin is protected from prying eyes like this:
edit c:\wamp\alias\phpmyadmin.conf
Alias /phpmyadmin "d:/wamp/apps/phpmyadmin3.5.1/"
# to give access to phpmyadmin from outside
# replace the lines
#
# Order Deny,Allow
# Deny from all
# Allow from 127.0.0.1
#
# by
#
# Order Allow,Deny
# Allow from all
#
<Directory "d:/wamp/apps/phpmyadmin3.5.1/">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Directory>
See the line Allow from 127.0.0.1 that stops anyone not on the same PC as the database using it.
So if you are trying to access that from the internet, it wont work.
I suppose you could TEMPORARILY change it to :
Order Allow,Deny
Allow from all
Or better still if you know the ip address of where you are going to test it from you coudl do
Order Deny,Allow
Deny from all
Allow from 127.0.0.1 ::1 localhost
Allow from xxx.yyy.zzz.aaa
Where xxx.yyy.zzz.aaa is your friends IP address.
I got the answer at here.
The part I missed in other solution was the Configurtion below:
Configuring the server to be reachable by everyone
The last step! Open your httpd.conf and find this line:
ServerName localhost:80
Change it to:
ServerName <your private IP>:80
Example:
ServerName 192.168.1.27:80
Additionally to RiggsFolly's answer you can open a port in your firewall instead of disabeling it.
The Firewall protects you from many things and disabeling it will make your computer much more vulnerable to hacks
Open port in Windows Firewall

how to serve website with apache over the internet?

I have somehow managed to serve both my project app and its static files on the apache. But only I can see my webpage, by typing localhost and by my IPv4 address. And I can't see my webpage from the other's computer. In my http.conf, it is Listen 80. I don't know much about this. I even registered on a free dynamic DNS provider, but even from that url I can only see It works message. I really suck at these things. Please guide me here. Thank you.
snippet of http.conf:
WSGIScriptAlias / C:/Users/robin/web/etc/etc/etc/wsgi.py
WSGIPythonPath C:/Users/robin/web/etc/etc
<Directory C:/Users/robin/web/etc/etc>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
#Alias /robots.txt /path/to/mysite.com/static/robots.txt
#Alias /favicon.ico /path/to/mysite.com/static/favicon.ico
AliasMatch ^/([^/]*\.css) C:/Users/robin/web/etc/etc/static/styles/$1
#Alias /media/ /path/to/mysite.com/media/
Alias /static/ C:/Users/robin/web/etc/etc/static/
<Directory C:/Users/robin/web/etc/etc/static>
Order deny,allow
Allow from all
</Directory>
#<Directory /path/to/mysite.com/media>
#Order deny,allow
#Allow from all
#</Directory>
WSGIScriptAlias / C:/Users/robin/web/etc/etc/etc/wsgi.py
<Directory C:/Users/robin/web/etc/etc/etc>
<Files wsgi.py>
Order allow,deny
Allow from all
</Files>
</Directory>
You need to do the following:
1. Ensure that the server is publicly accessible
To do this you need to ensure
Port 80 is routed through your router to the servers internal IP address. This is called NAT. If you are using a Cisco router you can see the instructions here.
Any firewalls are configured not to block the traffic on port 80. If you are using Linux you would most likely need to configure iptables. If you are using Windows you can do this on the windows firewall. If you are using a third party firewall you need to search google to find out how to do it.
You need to ensure you are using the public ip address to connect. You can find this by using a website such as http://whatismyipaddress.com/
2. Setup the virtual hosts on apache
The reason you are only seeing the "It Works" message is because Apache is pointing to the default web root on the server for that domain name. To fix this, you need to setup a virtualhost for the domain name, and point it to the root directory of your application. Instruction for this can be found here.
Under for virtual hosts in your apache config, you could add something like this:
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin [email]#[address].com
DocumentRoot [directory root]
ServerName [registered domain name without www eg: something.com]
ServerAlias *.[registered domain name without www]
</VirtualHost>
The "NameVirtualHost *:80" might already exist, so search the config first. Usually it is in there and commented out by default, so you might just need to remove the #.
Note: ALWAYS backup the config by copying the contents to another file. Also restart apache after you make the adjustment.