Access forbidden! New XAMPP security concept:

Problems with the Linux version of XAMPP, questions, comments, and anything related.

Access forbidden! New XAMPP security concept:

Postby rshap » 21. September 2009 22:04

Hello, I just installed xampp, I got debian lenny and i keep getting this

Access forbidden!

New XAMPP security concept:

Access to the requested directory is only available from the local network.

This setting can be configured in the file "httpd-xampp.conf".

If you think this is a server error, please contact the webmaster.
Error 403


Any idea what the problem is ?

I can't find httpd-xampp.conf
rshap
 
Posts: 1
Joined: 21. September 2009 22:00

Re: Access forbidden! New XAMPP security concept:

Postby Psybenzon » 28. September 2009 11:29

look at
/opt/lampp/etc/extra/http-xampp.conf

Comment out the lines:

"New XAMPP security concept"

and delete the .htaccess Files in the htdocs directories
Psybenzon
 
Posts: 2
Joined: 25. September 2009 18:48

Re: Access forbidden! New XAMPP security concept:

Postby marklanham » 17. March 2011 12:40

don't forget to stop and restart the XAMPP Control Panel between changes...
marklanham
 
Posts: 1
Joined: 17. March 2011 12:36

Re: Access forbidden! New XAMPP security concept:

Postby Admin_Aksh » 22. August 2011 17:18

Hi,

The Solution for this issue is :

You need to edit the file httpd-xampp.conf and location for it is cd /opt/lampp/etc/extra/

1. Run the following command:

[root@demo ~]# vi /opt/lampp/etc/extra/httpd-xampp.conf

the file will open , go to the end of file which will look like below
Code: Select all
#
# New XAMPP security concept

#<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
        Order deny,allow
        Deny from all
        Allow from ::1 127.0.0.0/8 \
                fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
                fe80::/10 169.254.0.0/16

        ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>


You need to change it like below:

Code: Select all
# New XAMPP security concept

<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
        Order deny,allow
        Allow from all
        Allow from ::1 127.0.0.0/8 \
                fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
                fe80::/10 169.254.0.0/16

        ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>


Means you need comment out the line <LocationMatch and make Deny for all to Allow for all

2. The restart the xampp for this command is below

/opt/lampp/lampp restart

This is all !

Now you can access the xampp on web like you can access with IP.

http://192.168.10.1/

Thanks
Admin_Aksh
Admin_Aksh
 
Posts: 1
Joined: 22. August 2011 17:06

Re: Access forbidden! New XAMPP security concept:

Postby oracle_nic » 25. August 2011 10:00

Hey guys!
Unable to find directory
opt/lampp/etc/extra/
in the current version of xampp for windows!
What the heck is happening?
(running Vista 32) after successfully installation as promped by the installer
and deactivating UAC as also prompted!
oracle_nic
 
Posts: 8
Joined: 04. August 2011 18:23

Re: Access forbidden! New XAMPP security concept:

Postby Altrea » 25. August 2011 14:21

Remember: The file system of Linux is completely different from windows.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 11926
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64

Re: Access forbidden! New XAMPP security concept:

Postby good.shailesh » 01. January 2012 15:27

Don't worry, it's easy.
This Works for sure. Just do the following:
1. Open /opt/lampp/etc/extra/httpd-xampp.conf

and add the name of your directory at the end of this line, as shown below :
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info|cgi-bin))">

Now what is going on is that we are allowing the contents of the folder /opt/lampp/cgi-bin to become browsable.

You can test by typing the following URL in browser :

http://localhost/cgi-bin/test-cgi
(The file test-cgi already exists)

REMEMBER to restart the xampp for the changes to take effect.
/opt/lampp/lampp stop
/opt/lampp/lampp start

It's Done .... !
good.shailesh
 
Posts: 1
Joined: 01. January 2012 15:15
Operating System: Ubuntu 10.04 64 Bit

Re: Access forbidden! New XAMPP security concept:

Postby JonB » 02. January 2012 22:58

@ good.shailesh

1. - Please don't post to out-of-date topics.

2. - Please also only post accurate information. There is no need to include cgi-bin in the XAMPP/LAMPP 'security concept' LocationMatch directive, and your are not 'making it browseable'. by doing so.

Other than that, Happy New Year -
8)
User avatar
JonB
AF Moderator
 
Posts: 3210
Joined: 12. April 2010 16:41
Location: Land of the Blazing Sun
Operating System: Windows XP/7 - Fedora 15 1.7.7

Re: Access forbidden! New XAMPP security concept:

Postby nickchacha » 09. January 2012 22:42

Right to the point
Thanks Alot

But just as footnote if this doesn't solve the problem for you try changing the rights to htdoc folder
This might might help
sudo chmod -R 775 /opt/lampp/htdocs
nickchacha
 
Posts: 1
Joined: 09. January 2012 22:36
Operating System: Linux

Re: Access forbidden! New XAMPP security concept:

Postby mhervz14 » 09. January 2013 07:31

Sir, after doing all that have been post, I still do receive that error message. I am running xampp on RHEL 6.1. Done everything being post. Reformatted the machine, uninstall and reinstall xampp, redone the whole process but still phpmyadmin is inaccessible even with localhost. huhuhu. help needed please! Thanks
mhervz14
 
Posts: 2
Joined: 09. January 2013 07:21
Operating System: RHEL 6.1 32 , Fedora 16

Re: Access forbidden! New XAMPP security concept:

Postby Kleber » 18. January 2013 17:58

I had installed xampp-linux-1.8.1 on Ubuntu 11.10, but I was getting "Access forbideen" when I was accessing my own computer via http://localhost/phpmyadmin/.
I followed all steps above from Admin_Aksh and I also change directory permission as nickchacha mentioned.
Unfortunally it was not working, I was still getting "Access forbideen" when I was accessing my own computer via http://localhost/phpmyadmin.

I uninstall e install a couple of time, but I didn't work.
I have xampp-linux-1.7.3a file, which I installed it and it is working successfully now.
Since I didn't get to work correctly with xampp-linux-1.8.1 I back up to xampp-linux-1.7.3a.

Thanks,
Kleber
 
Posts: 1
Joined: 18. January 2013 17:46
Operating System: Ubuntu Linux

Re: Access forbidden! New XAMPP security concept:

Postby cornelombaard » 07. March 2013 09:10

I have also done everything as described here and I ave restarted the server but I still get an access forbidden page but this time without the 'New security feature.

Can someone please help me

Regards
cornelombaard
 
Posts: 2
Joined: 07. March 2013 07:13
Operating System: Linux

Re: Access forbidden! New XAMPP security concept:

Postby Nobbie » 07. March 2013 12:06

cornelombaard wrote:Can someone please help me

Regards


You already opened another thread in german linux board. Would you please do NOT ask your questions twice?
Nobbie
 
Posts: 13165
Joined: 09. March 2008 13:04

Re: Access forbidden! New XAMPP security concept:

Postby sqms » 13. May 2013 00:41

Change

# New XAMPP security concept

<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Allow from all
Allow from ::1 127.0.0.0/8 \
fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
fe80::/10 169.254.0.0/16

ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>

<Directory "/opt/lampp/phpmyadmin">
AllowOverride AuthConfig Limit
Order allow,deny
Allow from all
Require all granted
</Directory>
sqms
 
Posts: 1
Joined: 13. May 2013 00:38
Operating System: linux and windows

Re: Access forbidden! New XAMPP security concept:

Postby Altrea » 13. May 2013 00:53

Sorry sqms but thats simply bulls*it!

The security concept wasn't implemented just for fun.
It should protect people who don't have the knowledge to protect theirselves and don't take all the warnings serous not to use XAMPP in live/production environments.

If you want to change your environment that way, feel free to do so, but we don't recommend that as a good way.
There are much better ways to configure the XAMPP security concept.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 11926
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64

Next

Return to XAMPP for Linux

Who is online

Users browsing this forum: No registered users and 53 guests