Re: [users@httpd] Strange Apache behavior

Tue, 21 Jul 2015 16:34:09 -0700 

Hello John,

The directory listing display is due to the "Options Indexes" directive.
- http://httpd.apache.org/docs/2.2/mod/core.html#options |

Indexes|

   If a URL which maps to a directory is requested and there is no
   |DirectoryIndex
   <http://httpd.apache.org/docs/2.2/mod/mod_dir.html#directoryindex>|
   (/e.g./, |index.html|) in that directory, then |mod_autoindex
   <http://httpd.apache.org/docs/2.2/mod/mod_autoindex.html>| will
   return a formatted listing of the directory.

Thanks,

Mike

On 7/21/2015 11:12 AM, John Fisher GM wrote:
We're running Apache 2.2 on Debian 7 (Wheezy). We run approximately 24 vhosts, mostly small sites but also one large site. Some sites are Drupal, some are Wordpress and some are handcoded going back to 1995. 

Our structure generally is:

/home
/home/mysite-1/public_html/index.html
/home/mysite-2/public_html/index.html
/home/mysite-3/public_html/index.html
and so on...

We prefer this structure rather than the Debian norm /var/www

Here's the problem(s):
On all of the sites calls to "mysite-1.com/index.html" works properly. Things also work with the cname "www" as that is explicitly defined as "ServerAlias www.mysite-1.com" in the vhost file under sites-available. So calls to "www.mysite-1.com/index.html" also work. 

But when someone mistypes the URL, things go wrong.
For example, typing ww1.mysite-1.com takes us to the /home directory, up two levels and displays a directory listing of everything under /home. 

I made a quick fix by adding a dummy file at /home/index.html
Without that plug, a directory of all sites under /home displays, allowing access to files above the public_html directory on all our sites. 

But even with the /home/index.html file, one can just type a URL such as:
http://ww1.mysite-1.com/mysite-2/ and view anything in mysite-2 above public_html.
I probably could restrict directory access using .htaccess, but I'd prefer to find the cause of the issue.
I spent some time simplifying the files under "sites-available" to remove anything that might cause these errors. (hence my questions yesterday about /share/doc and cgi-bin).
I considered that the problem might have been something in the apache2.conf file. But I looked closely there and found nothing.
I suspect the problem is in the "sites-available/default" vhost file and the symlink "/sites-enabled/000-default" and might have to do with our changing the /var/www entry to /home. 

Is the default file and 000-default symlink needed? If so, why is that?

But I could use some guidance on all this.

Here's a typical vhost file:


<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        ServerName mysite-1.com
        ServerAlias www.mysite-1.com
        DocumentRoot /home/mysite-1/public_html/

        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>

        <Directory /home/mysite-1/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/mysite-1.error.log
        CustomLog ${APACHE_LOG_DIR}/mysite-1.access.log combined
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg. 
        LogLevel warn
</VirtualHost> 

and here is the default file:


<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        DocumentRoot /home/

        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>

        <Directory /home/>
                Options Indexes FollowSymLinks MultiViews
                Allowoverride Indexes
                Order allow,deny
                allow from all
        </Directory>

        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
                AllowOverride None
                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit, 
        # alert, emerg.
        LogLevel warn

        CustomLog ${APACHE_LOG_DIR}/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

</VirtualHost>




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Reply via email to