Category Archives: Computer – Linux

Webserver passwords, as well as web ‘symlinks’ WERE broken due to ONE bad .htaccess file!

Well, I unexpectedly caused the web server’s password protected directories ALL to go down the drain with just ONE mistake in ONE .htaccess file.  Not only that, but many symbolic links stopped working in apache, even though they still worked in a CLI.  I am such a dumbass, heh.  Here’s what I did:

This is an example of the .htaccess file I created:

# cat .htaccess

AuthUserFile /XXXXX/XXXXX/XXXXX/.xxxxx AuthGroupFile /dev/null
AuthName “Sam’s Blog”
AuthType Basic

<Limit GET POST PUT>
  require user xxxxx yyyyy
</Limit>

The offending line is in Bold Blue, more specifically that one little old apostrophe.  😉

All fixed now, boys and girls. 😀

‘NEW’ page now working on CRAB

 

Got the NEW page working on the CRAB server……  It was more than likely a side effect of the Apache server upgrade somewhere around the Fedora 18 or 19 upgrade.  Here’s how I did it:

I became root user, then opened a terminal in the requests directory.

# nano .htaccess

Then, I put the following into the file:

Options +Includes
AddType text/html .html .shtml .txt
AddOutputFilter INCLUDES .html .shtml .txt

Saved the file, then restarted Apache as follows:

# systemctl restart httpd

That took care of it, but I think I shall try putting that .htaccess file in CRAB’s document root, as well as the main server document root.  I think that might be a better place for that file.  😀

Yet another issue with Fedora 20. (This is getting old)

Well, tonight, while trying to track down a firewall (I think) problem, I noticed that my messages log file, as well as all the other logs in /var/log/ were not being written, and were at 0 bytes.  Not very useful to tail.  So, I discovered that Fedora was moving away from rsyslog.  I was not happy.  So, I became root and:

# service rsyslog start

That took care of starting the logging back up, and to make sure that it starts after a reboot, I used nano to edit /etc/rc.d/rc.local and this is what I added towards the top of the file:

## Enable logging (Due to Fedora 20 suckiness)

service rsyslog start

THAT most definitely expresses my sentiment.  😉  I’m sure that uncovering these little issues is far from over, and all I can imagine is that Fedora is trying to ‘dumb down’ the OS to make it more like Windows, or Mac OS, in order to get a wider user base.  Might be what the average ‘Point and Click’ user wants, but NOT what I want.  Good thing that I’ve been at this game long enough to figure out how they are trying to tie my hands.  Well, now that I have the source port numbers, I can get back on the road to figuring out my problem, tomorrow.  😉

Fedora 20 upgrade left apache wide-open.

Last night, I discovered that http://crabradio.net/blogold/ wouldn’t load the index.php, and would only load a white screen.  Good thing that I decided to fix it this morning, because I discovered that the apache upgrade left the server ignoring .htaccess files, which allow for password protecting content and directories on the web server.  The result was a ‘wide-open’ web server.  It would only be a matter of time before Google bots and Yahoo spiders would start sucking me dry trying to download the contents of my web system.  Very similar to what happened when a bad symlink allowed open access to the entire filesystem.  Google bots were having a field day with that, and I’m sure would love it again, if I didn’t fix it right away.

Both items were a fairly simple fix in the same section of the /etc/httpd/conf/httpd.conf file.  (First, had to become root user.)

# nano /etc/httpd/conf/httpd.conf

I went to the Directory Directive for /var/www/html and added two lines highlighted in green…..

<Directory “/var/www/html”>
#
DirectoryIndex index.php
#
AllowOverride All

I actually edited the AllowOverride line from ‘None’ to ‘All’.  That line controls what directives can be placed into .htaccess files.  Since apache decided to make it None, it was ignoring them.  Thanks, Apache!  Last thing to do was restart or reload the httpd service.  This is done by:

# service httpd restart

But, since service has been replaced by systemctl, there is no telling when fedora will decide to fully depreciate service.  So, you should probably start getting used to the new command.  It does so much more, anyway.

# systemctl reload httpd

To make sure that it started okay:

# systemctl status httpd

or # service httpd status

Well, everything is now running as it should.  😉