Help on server online access

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Help on server online access

Postby Corvisier » 24. September 2006 06:46

Hi
I'm sorry for posting this question but I followed some guides and still can't get this to work.

I installed xamp in my drive (F:\Programas\), I installed and configured my forum in (F:\Programas\xampp\htdocs\phpBB2\) and everything works fine locally but I wanted to put it online.
I edited httpd.conf to look like this:

Code: Select all
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Allow from all
</Directory>


Then my httpd-vhosts.conf :

Code: Select all
<VirtualHost *:80>
DocumentRoot /Programas/xampp/htdocs
ServerName localhost
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /Programas/xampp/htdocs/phpBB2
ServerName localhost.main.com
</VirtualHost>


My hosts file:

Code: Select all
127.0.0.1       localhost
127.0.0.1   phpBB2


My local IP is 192.168.1.2

I opened port 80 TCP on my router to allow connections on 192.168.1.2.
By now this should work but I can only access my forum locally :(
When I try it outside my network I'm redirected to my xampp panel :(
My IP is dynamic and I have an acount with dyndns.org and I'm using DynDns updater.
My forum should look like http://forumisvouga.dyndns.org but it doesn't work :(

Can anyone help me?
Thank you in advance and sorry for my poor English and the long post.

Cheers,

Helder
Corvisier
 
Posts: 9
Joined: 24. September 2006 05:32

Postby Corvisier » 24. September 2006 08:33

Hey I guess I'm a real noob with this :)
I corrected the problem

Code: Select all
<VirtualHost *:80>
DocumentRoot F:\Programas\xampp\htdocs\phpBB2
ServerName localhost.main.com
</VirtualHost>


I changed to that and it works perfectly but I made a little test with phpBB user registration to see if the email was sent and it was indeed but the activation key that was sent points to http://localhost/phpbb2/......... and when clicked it doesn´t find my host.
Any suggestions?

By the way can I setup another site in htdocs\ and put it online and have two sites from the same IP?
Making it with dyndns;how can the site be acessible?

Cheers,

Helder
Corvisier
 
Posts: 9
Joined: 24. September 2006 05:32

Postby Izzy » 25. September 2006 04:00

Where did you find the information that required you to change the Directory directive in the httpd.conf file?
Code: Select all
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Allow from all
</Directory>
Izzy
 
Posts: 3344
Joined: 25. April 2006 17:06

web access

Postby Corvisier » 26. September 2006 05:46

I started all over agian with a fresh install and now everything works fine.
I followed a guide on xampptutorials.com.

httpd.conf:

Code: Select all
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Allow from all
</Directory>


httpd-vhosts.conf:

Code: Select all
##NameVirtualHost *:80
<VirtualHost 127.0.0.1:80>
DocumentRoot /xampp/xampp/htdocs/
ServerName localhost
ServerAdmin admin@localhost
</VirtualHost>

<VirtualHost *:80>
DocumentRoot /xampp/xampp/htdocs/forumisvouga.org
ServerName forumisvouga.org
ServerAdmin admin_fisvouga@clix.pt
<Directory /xampp/xampp/htdocs/forumisvouga.org>
Options Indexes FollowSymLinks
AllowOverride FileInfo
Order allow,deny
Allow from all
</Directory>
</VirtualHost>


hosts:

Code: Select all
127.0.0.1       localhost
127.0.0.1   forumisvouga.org


Now everything works fine :)

Am I doing anything wrong?
I really am confused and concerned about security issues.
Mysql and phpmyadmin are taken care of but is my site insecure?
My website should now be accessible by http://forumisvouga.pt.vu

Thank you,

Helder
Corvisier
 
Posts: 9
Joined: 24. September 2006 05:32

Re: web access

Postby Izzy » 26. September 2006 07:22

Corvisier wrote:...I followed a guide on xampptutorials.com.

httpd.conf:

Code: Select all
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Allow from all
</Directory>


...Am I doing anything wrong?
I really am confused and concerned about security issues.
Mysql and phpmyadmin are taken care of but is my site insecure?
My website should now be accessible by http://forumisvouga.pt.vu

Thank you,

Helder

Why do you think that the default permissions are restrictive and should not be changed?

Why change the defaults when you have already changed the default behaviour for your vhost directory in the http-vhosts.conf file?

It makes no sense unless there is an ulterior motive to give your server and possibly your PC an open vulnerability.
Code: Select all
#
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# features. 
#
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>


They should only be changed on a directory by directory basis and not on an overall basis or you have a big security hole, which may be intensional or it may not be intensional.

Unofficial third party sites may have given you poor advise and IMHO have given you bad and insecure advise. Of course, you use these sites at your own risk. You should also use the site where you were given this bad advise to ask your questions not here as this forum is no way associated.

There are lots of posts in these forums that can help you and it only takes a search to find them.
Izzy
 
Posts: 3344
Joined: 25. April 2006 17:06

Postby WorldDrknss » 26. September 2006 10:01

FYI The follow lines in httpd.conf blocks outside access to the htdocs folder:
Code: Select all
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all (Only Allows Access from http://127.0.0.1 or http://localhost)
</Directory>


Changing the following line from Deny to Allow will allow users to serve there web content from the htdocs folder using there ipaddress or a domain that had bought to others on the web. If you are using a virtualhost you do not need to change this as the VirtualHost will already cover this option.

Example would look like:
Code: Select all
<VirtualHost *:80>
ServerName domain.com
ServerAdmin admin@domain.com
ServerAlias www.domain.com
DocumentRoot /srv/www/domain
<Directory "/srv/www/domain">
Options            Indexes FollowSymLinks
AllowOverride      All
Order              allow,deny
Allow              from all
</Directory>
<Directory "/srv/www/domain">
Options Includes
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
AddHandler server-parsed .html .htm .shtml .shtm
</Directory>
HostnameLookups    Off
ErrorLog           /srv/www/domain/logs/error.log
LogFormat           "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat           "%h %l %u %t \"%r\" %>s %b" common
LogFormat           "%{Referer}i -> %U" referer
LogFormat           "%{User-agent}i" agent
CustomLog          /srv/www/domain/logs/access.log combined
ServerSignature    On
ScriptAlias        /cgi-bin/  "/srv/www/domain/cgi-bin/"
<Directory "/srv/www/domain/cgi-bin">
AllowOverride      None
Options            None
Order              allow,deny
Allow              from all
</Directory>
DirectoryIndex     index.php index.html index.htm index.shtml index.shtm
AccessFileName     .htaccess
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
</FilesMatch>
AddHandler         cgi-script .cgi
<IfModule mod_negotiation>
<IfModule mod_include>
Alias /errors/ "/srv/www/domain/errors/"
<Directory "/srv/www/domain/errors">
AllowOverride None
Options IncludesNoExec
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en
</Directory>
</IfModule>
</IfModule>
ErrorDocument 400 /errors/400.html
ErrorDocument 401 /errors/401.html
ErrorDocument 403 /errors/403.html
ErrorDocument 404 /errors/404.html
ErrorDocument 405 /errors/405.html
ErrorDocument 408 /errors/408.html
ErrorDocument 410 /errors/410.html
ErrorDocument 411 /errors/411.html
ErrorDocument 412 /errors/412.html
ErrorDocument 413 /errors/413.html
ErrorDocument 414 /errors/414.html
ErrorDocument 415 /errors/415.html
ErrorDocument 500 /errors/500.html
ErrorDocument 501 /errors/501.html
ErrorDocument 502 /errors/502.html
ErrorDocument 503 /errors/503.html
ErrorDocument 506 /errors/506.html
</VirtualHost>


Anybody who knows the structure of Apache can tell you this.
http://wdguides.org - XAMPP Tutorials & MORE!!!!
User avatar
WorldDrknss
 
Posts: 292
Joined: 17. September 2005 13:40

Postby Corvisier » 26. September 2006 18:18

I just have to thank you both for your kind help on everything...

I corrected everything and now it looks like this:

Code: Select all
##NameVirtualHost *:80
<VirtualHost 127.0.0.1:80>
DocumentRoot /xampp/xampp/htdocs/
ServerName localhost
ServerAdmin admin@localhost
</VirtualHost>

<VirtualHost *:80>
ServerName forumisvouga.org
ServerAdmin admin_fisvouga@clix.pt
ServerAlias forumisvouga.ptvu
DocumentRoot /xampp/xampp/htdocs/forumisvouga.org
<Directory "/xampp/xampp/htdocs/forumisvouga.org">
Options            Indexes FollowSymLinks
AllowOverride      All
Order              allow,deny
Allow              from all
</Directory>
<Directory "/xampp/xampp/htdocs/forumisvouga.org">
Options Includes
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
AddHandler server-parsed .html .htm .shtml .shtm
</Directory>
HostnameLookups    Off
ErrorLog           /xampp/xampp/htdocs/forumisvouga.org/logs/error.log
LogFormat           "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat           "%h %l %u %t \"%r\" %>s %b" common
LogFormat           "%{Referer}i -> %U" referer
LogFormat           "%{User-agent}i" agent
CustomLog          /xampp/xampp/htdocs/forumisvouga.org/logs/access.log combined
ServerSignature    On
ScriptAlias        /cgi-bin/  "/xampp/xampp/htdocs/forumisvouga.org/cgi-bin/"
<Directory "/xampp/xampp/htdocs/forumisvouga.org/cgi-bin">
AllowOverride      None
Options            None
Order              allow,deny
Allow              from all
</Directory>
DirectoryIndex     index.php
AccessFileName     .htaccess
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
</FilesMatch>
AddHandler         cgi-script .cgi
<IfModule mod_negotiation>
<IfModule mod_include>
Alias /errors/ "/xampp/xampp/htdocs/forumisvouga.org/errors/"
<Directory "/xampp/xampp/htdocs/forumisvouga.org/errors">
AllowOverride None
Options IncludesNoExec
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en
</Directory>
</IfModule>
</IfModule>
ErrorDocument 400 /errors/400.html
ErrorDocument 401 /errors/401.html
ErrorDocument 403 /errors/403.html
ErrorDocument 404 /errors/404.html
ErrorDocument 405 /errors/405.html
ErrorDocument 408 /errors/408.html
ErrorDocument 410 /errors/410.html
ErrorDocument 411 /errors/411.html
ErrorDocument 412 /errors/412.html
ErrorDocument 413 /errors/413.html
ErrorDocument 414 /errors/414.html
ErrorDocument 415 /errors/415.html
ErrorDocument 500 /errors/500.html
ErrorDocument 501 /errors/501.html
ErrorDocument 502 /errors/502.html
ErrorDocument 503 /errors/503.html
ErrorDocument 506 /errors/506.html
</VirtualHost>


Code: Select all
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>


I hope I'm doing the right things and I have to thank you both for your patience and your advises.
I'm just starting with this and I really needed the help.
Thank you


Cheers,

Helder Teixeira
Corvisier
 
Posts: 9
Joined: 24. September 2006 05:32


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 50 guests