To not allow any dot files or directories (hidden in unix) to be seen if they are in a directory available to the webserver, add the following to the httpd.conf file.
# The following lines prevent any .files from being viewed by web clients.
<Files ~ "^\.">
Order allow,deny
Deny from all
</Files>
We don’t really have any hidden files (like .svn) on our website, but this should protect us in case someone accidentally puts on there.
Archive for the ‘Apache’ Category
After updating some webpages, I needed to redirect people from the old page to the new one. Put this in the old page location.
<html> <head> <META HTTP-EQUIV="Refresh" content="0;URL=../tilecal/index.php"> </head> </html>
Peter Behr pointed out that webmail wasn’t working. The problem was after logging in, (for me, in Safari) I’d get a can’t open page redirect.php error. (In Firefox, the page would just be blank.) I looked at some files on the shop computer, where webmail (squirrelmail) was still working ok and found some differences in the /etc/httpd/conf.d/php.conf file. The solution was to add the following to the php.conf on the hep computer.
AddType application/x-httpd-php .php
Restart the web browser and things started working.
I think this must be due to the different versions of php used by the different versions of redhat. The broken computer is running RHEL4 ES release 4 (server), while the working one is running RHEL4 WS release 4 (client).
If a website, does not have an index.html (or index.php or whatever is specified as the DirectoryIndex in httpd.conf), then a browser will show a file not found error when browsing that directory. To instead show a list of all files in the directory, add “Indexes” to the Options of the Directory in httpd.conf.
Monica has a webpage that uses php to draw an image. After the hep upgrade, it stopped working. Turns out I needed to install the php-gd package which adds support for the gd graphics library to PHP.
Be sure to restart httpd after adding the package.
The new version of apache had the default character set as UTF-8. This apparently overrides whatever is in the webpages because Mel had a page that kept coming up with a bunch of odd characters. They would go away when the user changed the text encoding to Western iso-8859-1. So, I just changed the default text encoding in the httpd.conf file.
# Changed the default character encoding as somme pages were looking strange --MH 3 Jan 2007 AddDefaultCharset iso-8859-1 #AddDefaultCharset UTF-8
Each time tried to login to squirrelmail, immediately bounced back to a page saying that you have to login before you can access the page. The problem turned out to be the group ownership of /var/lib/php/session. It was set as root:root. After changed to root:apache, could login.
When attempting to start httpd on the new server, kept getting the message:
hep1:init.d$ ./httpd start
Starting httpd: execvp: Permission denied
This appears to be selinux blocking the program. So, I changed /etc/sysconfig/selinux to disabled instead of enforcing. I tried permissive for a while, but things still didn’t work and I didn’t want this to be the problem.
When attempting to upload a file in Dreamweaver, the system would hang and eventually time out with an error. I don’t remember the exact message, but the message had nothing to do with the problem. The issue was on the web server. In the directory where Dreamweaver wanted to put the file, there was a link to an NFS-mounted location that was no longer available. Once this link was deleted, the upload worked fine.
We are being overwhelmed with httpd requests that never seem to quit. Most of them seem to be coming from various bots that search engines send out. Here’s an example:
$ netstat -tpu|grep http
tcp 1 0 hep.uchicago.edu:www msnbot.msn.com:20281 CLOSE_WAIT 5371/httpd
tcp 1 0 hep.uchicago.edu:www msnbot.msn.com:11460 CLOSE_WAIT 5345/httpd
tcp 1 0 hep.uchicago.edu:www msnbot.msn.com:55572 CLOSE_WAIT 5341/httpd
tcp 1 0 hep.uchicago.edu:www crawl-66-249-72-201.g:56629 CLOSE_WAIT 6151/httpd
tcp 1 0 hep.uchicago.edu:www crawl-66-249-72-201.g:50213 CLOSE_WAIT 6778/httpd
tcp 1 0 hep.uchicago.edu:www crawl-66-249-72-201.g:47647 CLOSE_WAIT 7473/httpd
tcp 1 0 hep.uchicago.edu:www crawl-66-249-72-201.g:61674 CLOSE_WAIT 7166/httpd
tcp 1 0 hep.uchicago.edu:www crawl-66-249-72-201.g:43990 CLOSE_WAIT 5806/httpd
tcp 1 0 hep.uchicago.edu:www crawl-66-249-72-201.g:40917 CLOSE_WAIT 5430/httpd
tcp 0 0 hep.uchicago.edu:www crawl-66-249-72-201.g:37338 ESTABLISHED 7058/httpd
tcp 1 0 hep.uchicago.edu:www msnbot.msn.com:49380 CLOSE_WAIT 7263/httpd
tcp 1 0 hep.uchicago.edu:www crawl-66-249-72-201.g:32959 CLOSE_WAIT 7064/httpd
tcp 1 0 hep.uchicago.edu:www crawl-66-249-72-201.g:38831 CLOSE_WAIT 5343/httpd
tcp 1 0 hep.uchicago.edu:www crawl-66-249-72-201.g:61835 CLOSE_WAIT 5344/httpd
After a couple of hours, our webserver is inaccessible due to the large number of daemons running. The solution, automatically restart httpd every hour. Added the following to the crontab:
# Each hour, restart the httpd2 daemon to clear them out
0 * * * * /etc/rc.d/init.d/httpd2 restart 2 >& /dev/null