[kwlug-disc] Apache 403 & access.log questions
Charles M
chaslinux at gmail.com
Thu Apr 4 22:08:52 EDT 2019
I cannot access the me/ folder by going to it directly. The help/
folder has an index.html and the help/me has an index.php folder. In
my apache configuration file I have the following:
DirectoryIndex index.html index.php
I think I've been looking at this too long and have probably missed
something simple. I checked the .htaccess file in the directory above
help/ (which is the root folder for the web server) and I see the
following:
Options -Indexes
DirectoryIndex index.php index.html index.htm
Would the Options -Indexes cause it not to redirect?
rewrite is also on (a2enmod rewrite) - mod_rewrite is the old name?
Thanks for answering so quickly Paul!
On Thu, Apr 4, 2019 at 9:58 PM Paul Nijjar via kwlug-disc
<kwlug-disc at kwlug.org> wrote:
>
> On Thu, Apr 04, 2019 at 09:34:53PM -0400, Charles M wrote:
> > Hi all. I'm trying to install an application in a sub-directory of my
> > web server. The structure is something like:
> >
> > /var/www/html/sitename/public_html/help/
> >
> > When I surf to sitename/help/ access.log shows a 200 for the
> > index.html in that directory. However the index.html is just a
> > redirect to a subfolder below help called me/. That redirected folder
> > seems to be generating a 403 error. me/ has the same user and group
> > permission as well as the same access permissions - so I'm thinking
> > this has something to do with my main site apache configuration file?
>
> Can you access the me/ folder directly without going to index.html? If
> you can, then maybe it has something to do with the redirect. If you
> can't, then the redirect may not be the problem.
> You might also consider redirecting to a completely different website
> to check that rewrites work.
>
> Also keep in mind that in these situations I tend to use mod_rewrite
> rules to do the redirection when the user hits the site (as opposed to
> putting a redirect in the file).
>
>
> >
> > Second question. In the access.log I saw a line that begins:
> >
> > 103.67.235.45 - - [04/Apr/2019:20:33:27 -0400] "POST
> > //?q=user/password&name[%23post_render][]=passthru&name[%23type]=markup&name[%23markup]=echo+R0lGOD
> >
> > It goes on for something like 30 lines at the end of which is an
> > apache 414 error. It looks to me like someone is trying to hack the
> > site (drupal). Is it worth just dropping/blocking the IP?
> >
>
> Probably? Unless it is you.
>
> --
> Sign Up for the WatCamp Newsletter: https://da.gd/wtcmp-news
> (Also http://pnijjar.freeshell.org still exists)
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
--
Charles McColm
Computer Recycling: http://www.comprec.org
Fasteroids: http://www.fasteroids.ca
Twitter/Identica/Google+: @chaslinux
More information about the kwlug-disc
mailing list