You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Barth (John) Jones" <mu...@alltel.net> on 2004/06/08 04:02:12 UTC
[users@httpd] authentication
I'm running Apache2Triad on XPPro. I want to use .htaccess files to authenticate passwords. I understand that the preferred way to do this is via the server configuration file, not .htaccess files but I feel I'll have an easier time mobilizing from my PC to a defacto host using .htaccess files, and I'll also have a happier time moving from one host to another if called for.
So my problem is that every time I try to create my main password authentication file using the "htpasswd" program distributed with Apache for this purpose, I get the following error:
"Automatically using MD5 format. htpasswd cannot create file . . ."
I've got my httpd.config setting for the particular directory in which I'm trying to create the file temporarily set to the following:
<Directory "[. . . ]">
Options FollowSymLinks
AllowOverride All
Order allow, deny
Allow from All
I keep getting that same error message. Any help will be appreciated.
Re: [users@httpd] authentication
Posted by "Barth (John) Jones" <mu...@alltel.net>.
R. Andersson wrote:
Also, does the password file you are attempting to create
> > already exist before running the command?
No
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by "Barth (John) Jones" <mu...@alltel.net>.
Loads of thanks!
----- Original Message -----
From: "Tim Burden" <Ti...@Burden.ca>
To: <us...@httpd.apache.org>
Sent: Tuesday, June 08, 2004 7:36 PM
Subject: Re: [users@httpd] authentication
> Try Googling "perl system call".
>
> ----- Original Message -----
> From: "Barth (John) Jones" <mu...@alltel.net>
> To: <us...@httpd.apache.org>
> Sent: Tuesday, June 08, 2004 7:33 PM
> Subject: Re: [users@httpd] authentication
>
>
> > Yes, that's definitely what I need, but for Perl. I'll learn PHP once
> I've
> > got a half descent handle on Perl since Perl's more versatile.
> >
> > Any good links for Perl system functions?
> >
> > Much Thanks!
> >
> > ----- Original Message -----
> > From: "Tim Burden" <Ti...@Burden.ca>
> > To: <us...@httpd.apache.org>
> > Sent: Tuesday, June 08, 2004 7:20 PM
> > Subject: Re: [users@httpd] authentication
> >
> >
> > > Just for example, the PHP language has a system() function that takes
as
> > > arguments stuff you would normally put on a command line.
> > > http://ca.php.net/manual/en/function.system.php
> > >
> > > ----- Original Message -----
> > > From: "Barth (John) Jones" <mu...@alltel.net>
> > > To: <us...@httpd.apache.org>; "Robert Andersson" <ro...@profundis.nu>
> > > Sent: Tuesday, June 08, 2004 6:52 PM
> > > Subject: Re: [users@httpd] authentication
> > >
> > >
> > > > I would research this right away but I thought since you just posted
> > this
> > > > Robert, I might catch you before you left [I hope you're done with
the
> > > > confusion for the night].
> > > >
> > > > What exactly do you mean when you say, "language's system()
function"?
> > > >
> > > > Here's the context:
> > > >
> > > > Just
> > > > > collect the username and password and then invoke htpasswd from
the
> > > > > ***language's system() function*** to do the actual adding of the
> > user;
> > > > that is
> > > > > better than to try to manually add the user.
> > > >
> > > > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > > > For additional commands, e-mail: users-help@httpd.apache.org
> > > > >
> > > > >
> > > >
> > > > [Thanks Rob! I hope your mind clears soon!]
> > > >
> > > >
> > >
> ---------------------------------------------------------------------
> > > > The official User-To-User support forum of the Apache HTTP Server
> > Project.
> > > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > > For additional commands, e-mail: users-help@httpd.apache.org
> > > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server
> Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by Tim Burden <Ti...@Burden.ca>.
Try Googling "perl system call".
----- Original Message -----
From: "Barth (John) Jones" <mu...@alltel.net>
To: <us...@httpd.apache.org>
Sent: Tuesday, June 08, 2004 7:33 PM
Subject: Re: [users@httpd] authentication
> Yes, that's definitely what I need, but for Perl. I'll learn PHP once
I've
> got a half descent handle on Perl since Perl's more versatile.
>
> Any good links for Perl system functions?
>
> Much Thanks!
>
> ----- Original Message -----
> From: "Tim Burden" <Ti...@Burden.ca>
> To: <us...@httpd.apache.org>
> Sent: Tuesday, June 08, 2004 7:20 PM
> Subject: Re: [users@httpd] authentication
>
>
> > Just for example, the PHP language has a system() function that takes as
> > arguments stuff you would normally put on a command line.
> > http://ca.php.net/manual/en/function.system.php
> >
> > ----- Original Message -----
> > From: "Barth (John) Jones" <mu...@alltel.net>
> > To: <us...@httpd.apache.org>; "Robert Andersson" <ro...@profundis.nu>
> > Sent: Tuesday, June 08, 2004 6:52 PM
> > Subject: Re: [users@httpd] authentication
> >
> >
> > > I would research this right away but I thought since you just posted
> this
> > > Robert, I might catch you before you left [I hope you're done with the
> > > confusion for the night].
> > >
> > > What exactly do you mean when you say, "language's system() function"?
> > >
> > > Here's the context:
> > >
> > > Just
> > > > collect the username and password and then invoke htpasswd from the
> > > > ***language's system() function*** to do the actual adding of the
> user;
> > > that is
> > > > better than to try to manually add the user.
> > >
> > > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > > For additional commands, e-mail: users-help@httpd.apache.org
> > > >
> > > >
> > >
> > > [Thanks Rob! I hope your mind clears soon!]
> > >
> > >
> > > ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server
> Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by "Barth (John) Jones" <mu...@alltel.net>.
Yes, that's definitely what I need, but for Perl. I'll learn PHP once I've
got a half descent handle on Perl since Perl's more versatile.
Any good links for Perl system functions?
Much Thanks!
----- Original Message -----
From: "Tim Burden" <Ti...@Burden.ca>
To: <us...@httpd.apache.org>
Sent: Tuesday, June 08, 2004 7:20 PM
Subject: Re: [users@httpd] authentication
> Just for example, the PHP language has a system() function that takes as
> arguments stuff you would normally put on a command line.
> http://ca.php.net/manual/en/function.system.php
>
> ----- Original Message -----
> From: "Barth (John) Jones" <mu...@alltel.net>
> To: <us...@httpd.apache.org>; "Robert Andersson" <ro...@profundis.nu>
> Sent: Tuesday, June 08, 2004 6:52 PM
> Subject: Re: [users@httpd] authentication
>
>
> > I would research this right away but I thought since you just posted
this
> > Robert, I might catch you before you left [I hope you're done with the
> > confusion for the night].
> >
> > What exactly do you mean when you say, "language's system() function"?
> >
> > Here's the context:
> >
> > Just
> > > collect the username and password and then invoke htpasswd from the
> > > ***language's system() function*** to do the actual adding of the
user;
> > that is
> > > better than to try to manually add the user.
> >
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> >
> > [Thanks Rob! I hope your mind clears soon!]
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by Tim Burden <Ti...@Burden.ca>.
Just for example, the PHP language has a system() function that takes as
arguments stuff you would normally put on a command line.
http://ca.php.net/manual/en/function.system.php
----- Original Message -----
From: "Barth (John) Jones" <mu...@alltel.net>
To: <us...@httpd.apache.org>; "Robert Andersson" <ro...@profundis.nu>
Sent: Tuesday, June 08, 2004 6:52 PM
Subject: Re: [users@httpd] authentication
> I would research this right away but I thought since you just posted this
> Robert, I might catch you before you left [I hope you're done with the
> confusion for the night].
>
> What exactly do you mean when you say, "language's system() function"?
>
> Here's the context:
>
> Just
> > collect the username and password and then invoke htpasswd from the
> > ***language's system() function*** to do the actual adding of the user;
> that is
> > better than to try to manually add the user.
>
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
> [Thanks Rob! I hope your mind clears soon!]
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by "Barth (John) Jones" <mu...@alltel.net>.
I would research this right away but I thought since you just posted this
Robert, I might catch you before you left [I hope you're done with the
confusion for the night].
What exactly do you mean when you say, "language's system() function"?
Here's the context:
Just
> collect the username and password and then invoke htpasswd from the
> ***language's system() function*** to do the actual adding of the user;
that is
> better than to try to manually add the user.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
[Thanks Rob! I hope your mind clears soon!]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Blocking Visitors
Posted by Joey Hewitt <jo...@joeyhewitt.com>.
Tim Burden <ti...@burden.ca> wrote:
> I assume you have some kind of automated (free) registration system, and
> that's why you can't just ban by username. If you are banning people from
> your forums or whatever by IP address, they'll get back in the next time
> their IP address changes, which is the next time they dial up, or more
> rarely (but still regularly) if they are on DSL. So even non-geeks will
get
> in, without having to do anything special.
>
> A computer can also have more than one IP address at one time, too. And, a
> single IP address can have more than one computer behind it (think masq
> router or proxy). So really there is not much you can tell about the
> identity of a user by his IP address.
I just had an interesting idea. Perhaps you could fetch NetBIOS usernames,
computer names, and workgroup names, and block based on them. It's not very
nice to "exploit" this, but whatever they did to deserve being blocked
wasn't nice either. ;) 'Course, that's assuming that your users are silly
enough to run Windows with NetBIOS over TCP/IP and not have a decent
firewall in place. Actually, I'd be interested in statistics for just how
many web site visitors to a fairly busy site are open to this. Just my 2
cents...
==Joey
> ----- Original Message -----
> From: "David Blomstrom" <da...@yahoo.com>
> To: <us...@httpd.apache.org>
> Sent: Wednesday, June 09, 2004 12:54 PM
> Subject: Re: [users@httpd] Blocking Visitors
>
>
> > Thanks for all the tips and resources. I'm going to
> > check them out today.
> >
> > One more question. To put it in perspective, let's put
> > the situation in reverse. Suppose I'm the one who's
> > being blocked from a website or forum by an .htaccess
> > file.
> >
> > Aside from purchasing a second computer with a
> > different IP, is there a way for me to beat the system
> > and register with a new username and password?
> >
> > I imagine modifying the .htaccess file would
> > effectively screen 95% of the people I want to screen.
> > I just wondered if it's foolproof - or geekproof.
> >
> > Thanks.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Blocking Visitors
Posted by Tim Burden <ti...@burden.ca>.
I assume you have some kind of automated (free) registration system, and
that's why you can't just ban by username. If you are banning people from
your forums or whatever by IP address, they'll get back in the next time
their IP address changes, which is the next time they dial up, or more
rarely (but still regularly) if they are on DSL. So even non-geeks will get
in, without having to do anything special.
A computer can also have more than one IP address at one time, too. And, a
single IP address can have more than one computer behind it (think masq
router or proxy). So really there is not much you can tell about the
identity of a user by his IP address.
----- Original Message -----
From: "David Blomstrom" <da...@yahoo.com>
To: <us...@httpd.apache.org>
Sent: Wednesday, June 09, 2004 12:54 PM
Subject: Re: [users@httpd] Blocking Visitors
> Thanks for all the tips and resources. I'm going to
> check them out today.
>
> One more question. To put it in perspective, let's put
> the situation in reverse. Suppose I'm the one who's
> being blocked from a website or forum by an .htaccess
> file.
>
> Aside from purchasing a second computer with a
> different IP, is there a way for me to beat the system
> and register with a new username and password?
>
> I imagine modifying the .htaccess file would
> effectively screen 95% of the people I want to screen.
> I just wondered if it's foolproof - or geekproof.
>
> Thanks.
>
>
>
>
>
> __________________________________
> Do you Yahoo!?
> Friends. Fun. Try the all-new Yahoo! Messenger.
> http://messenger.yahoo.com/
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Blocking Visitors
Posted by Steven Pierce <pa...@speakeasy.net>.
David,
If you are using the same ISP that does not mean by having
a second computer that you will be able to register a new account.
If the person that is blocking you, is blocking an entire range, you
can have a hundred computers and it willmake little difference.
So if this person is blocking all 192.168.0.x then unless you get
an IP address from a NEW ISP you will still be blocked.
Now if the person is just blocking 192.168.0.1 if you can get
192.168.0.2 then you would be OK.
** Yes I know this is a private IP, using as an example**
I would guess that if the person wants you out bad enough that
they will block a RANGE of IP's. So again a new computer is not
going to help...
*********** REPLY SEPARATOR ***********
On 6/9/2004 at 9:54 AM David Blomstrom wrote:
>Thanks for all the tips and resources. I'm going to
>check them out today.
>
>One more question. To put it in perspective, let's put
>the situation in reverse. Suppose I'm the one who's
>being blocked from a website or forum by an .htaccess
>file.
>
>Aside from purchasing a second computer with a
>different IP, is there a way for me to beat the system
>and register with a new username and password?
>
>I imagine modifying the .htaccess file would
>effectively screen 95% of the people I want to screen.
>I just wondered if it's foolproof - or geekproof.
>
>Thanks.
>
>
>
>
>
>__________________________________
>Do you Yahoo!?
>Friends. Fun. Try the all-new Yahoo! Messenger.
>http://messenger.yahoo.com/
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] "C is not a recognized protocol"
Posted by Eugene Lee <li...@fsck.net>.
On Wed, Jun 09, 2004 at 06:51:51PM -0700, David Blomstrom wrote:
:
: <?php include
: ($_SERVER['DOCUMENT_ROOT']."/includes/footer.php"); ?>
:
: It works fine, but I'm having trouble applying it to
: non-include links. For example, if I change this
: link...
:
: <a href="../../world/index.php">World</a>
:
: to this...
:
: <a href="<?php echo
: $_SERVER['DOCUMENT_ROOT']."world/index.php"?>">World</a>
This won't work. In PHP, it expects absolute pathnames based on the
real filesystem itself. Statements like include() and require() and
any file I/O functions will work with absolute pathnames. But your
HTML file does *not* work with absolute pathnames based on the real
filesystem. It does work with pathnames that appear to be absolute,
but in reality are relative to the *start* of Apache's document root.
: Does this mean there's something wrong with my virtual
: host set up, or is this a PHP problem?
It's more of a PHP problem, although it is not only a PHP problem.
This difference is between the absolute filesystem pathname vs. the
relative ("document root") pathname that starts from some point
within the absolute pathname filesystem.
--
Eugene Lee
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] "C is not a recognized protocol"
Posted by Chris <li...@leftbrained.org>.
Try changing
<a href="C:/sites/../../
to
<a href="file://C:\sites\..\..\
Windows *needs* backslashes , and file is the correct protocol (though I think if you *just* change the backslashes it will still work.
Chris
David Blomstrom wrote:
>OK, I want to start from square one, so you'll know
>exactly where I'm "coming from." If it sounds like a
>PHP question at first, just bear with me.
>
>An error message I received in ZendStudio suggested
>that my include links were a security risk and that I
>switch to "constant" include links. After asking
>around on several forums, I finally wound up with this
>replacement:
>
><?php include
>($_SERVER['DOCUMENT_ROOT']."/includes/footer.php"); ?>
>
>It works fine, but I'm having trouble applying it to
>non-include links. For example, if I change this
>link...
>
><a href="../../world/index.php">World</a>
>
>to this...
>
><a href="<?php echo
>$_SERVER['DOCUMENT_ROOT']."world/index.php"?>">World</a>
>
>then preview my page, I see this in the source code:
>
><a href="C:/sites/../../world/index.php">World</a>
>
>That looks pretty logical, but when I click the link,
>I receive an error message that says "C is not a
>registered protocol."
>
>Does this mean there's something wrong with my virtual
>host set up, or is this a PHP problem?
>
>Thanks.
>
>
>
>
>__________________________________
>Do you Yahoo!?
>Friends. Fun. Try the all-new Yahoo! Messenger.
>http://messenger.yahoo.com/
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] "C is not a recognized protocol"
Posted by David Blomstrom <da...@yahoo.com>.
OK, I want to start from square one, so you'll know
exactly where I'm "coming from." If it sounds like a
PHP question at first, just bear with me.
An error message I received in ZendStudio suggested
that my include links were a security risk and that I
switch to "constant" include links. After asking
around on several forums, I finally wound up with this
replacement:
<?php include
($_SERVER['DOCUMENT_ROOT']."/includes/footer.php"); ?>
It works fine, but I'm having trouble applying it to
non-include links. For example, if I change this
link...
<a href="../../world/index.php">World</a>
to this...
<a href="<?php echo
$_SERVER['DOCUMENT_ROOT']."world/index.php"?>">World</a>
then preview my page, I see this in the source code:
<a href="C:/sites/../../world/index.php">World</a>
That looks pretty logical, but when I click the link,
I receive an error message that says "C is not a
registered protocol."
Does this mean there's something wrong with my virtual
host set up, or is this a PHP problem?
Thanks.
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Blocking Visitors
Posted by David Blomstrom <da...@yahoo.com>.
Thanks for all the tips and resources. I'm going to
check them out today.
One more question. To put it in perspective, let's put
the situation in reverse. Suppose I'm the one who's
being blocked from a website or forum by an .htaccess
file.
Aside from purchasing a second computer with a
different IP, is there a way for me to beat the system
and register with a new username and password?
I imagine modifying the .htaccess file would
effectively screen 95% of the people I want to screen.
I just wondered if it's foolproof - or geekproof.
Thanks.
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Blocking Visitors
Posted by Thomas Gabrielsen <ap...@arton.no>.
>
> I have no idea how to find your real IP.
>
http://www.myip.com
> ----- Original Message -----
> From: "David Blomstrom" <da...@yahoo.com>
> To: <us...@httpd.apache.org>
> Sent: Wednesday, June 09, 2004 4:18 AM
> Subject: [users@httpd] Blocking Visitors
>
>
> > I'd like to learn how to block certain visitors or
> > computers from my website. I remember reading that you
> > could do it with Apache - based on their IP number, I
> > believe.
> >
> > Am I correct in stating that every computer has an IP
> > number? If so, how do I determine what my IP number
> > is?
> >
> > Also, what tricks could a visitor use in beating the
> > block? In other words, imagine I had an online forum
> > that requires users to register with a username and
> > password. If I block a visitor (computer) with IP
> > number 007, that individual could still register if
> > s/he had a second computer with a different IP number,
> > right? Is there any way they can register with the
> > same computer - like through an "anonymizer" or
> > something? Are there ways they can hide or change
> > their IP numbers?
> >
> > Thanks.
> >
> >
> >
> >
> > __________________________________
> > Do you Yahoo!?
> > Friends. Fun. Try the all-new Yahoo! Messenger.
> > http://messenger.yahoo.com/
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Blocking Visitors
Posted by "Barth (John) Jones" <mu...@alltel.net>.
David, here are some links to instructions regarding .htaccess:
https://bama.ua.edu/manual/howto/auth.html
https://bama.ua.edu/manual/howto/htaccess.html
I recently succeeded incorporating .htaccess into my site and I'm brand new
with Apache so it's not too hard. You just have to do the research.
You can use two IPs for your local computer: http://localhost or
http://127.0.0.1
This address can be used from your browser to access the index if your local
computer is also serving your website (if you have an index--if not just
trail with /filepath/file.whatever). This makes developing your site a lot
smoother because you don't have to upload your pages every time you want to
test them.
I have no idea how to find your real IP.
----- Original Message -----
From: "David Blomstrom" <da...@yahoo.com>
To: <us...@httpd.apache.org>
Sent: Wednesday, June 09, 2004 4:18 AM
Subject: [users@httpd] Blocking Visitors
> I'd like to learn how to block certain visitors or
> computers from my website. I remember reading that you
> could do it with Apache - based on their IP number, I
> believe.
>
> Am I correct in stating that every computer has an IP
> number? If so, how do I determine what my IP number
> is?
>
> Also, what tricks could a visitor use in beating the
> block? In other words, imagine I had an online forum
> that requires users to register with a username and
> password. If I block a visitor (computer) with IP
> number 007, that individual could still register if
> s/he had a second computer with a different IP number,
> right? Is there any way they can register with the
> same computer - like through an "anonymizer" or
> something? Are there ways they can hide or change
> their IP numbers?
>
> Thanks.
>
>
>
>
> __________________________________
> Do you Yahoo!?
> Friends. Fun. Try the all-new Yahoo! Messenger.
> http://messenger.yahoo.com/
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Blocking Visitors
Posted by Koen Vingerhoets <ko...@ubench.be>.
Hi,
every computer with a network card has an IP.
If no cable connected, or when badly configured, MS (I assume that's what
most people use) assigns an adress in the 169.x.x.x range.
On local networks, you can use 192.168.x.x. VPN networks usually use
10.x.x.x
When connected to the internet, you can compare the PC to your house.
Your adress consists of country, community, street, number
Your IP is your adress, with each number narrowing down the range.
To beat the block:
- use a modem, different IP every time
- use a proxy(chain), different IP
Hiding/changing is usually called spoofing. While many tools are available
(google), you can only completely spoof your IP on Unix.
Koen
-----Original Message-----
From: David Blomstrom [mailto:david_blomstrom@yahoo.com]
Sent: Wednesday, June 09, 2004 10:19 AM
To: users@httpd.apache.org
Subject: [users@httpd] Blocking Visitors
I'd like to learn how to block certain visitors or
computers from my website. I remember reading that you
could do it with Apache - based on their IP number, I
believe.
Am I correct in stating that every computer has an IP
number? If so, how do I determine what my IP number
is?
Also, what tricks could a visitor use in beating the
block? In other words, imagine I had an online forum
that requires users to register with a username and
password. If I block a visitor (computer) with IP
number 007, that individual could still register if
s/he had a second computer with a different IP number,
right? Is there any way they can register with the
same computer - like through an "anonymizer" or
something? Are there ways they can hide or change
their IP numbers?
Thanks.
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Blocking Visitors
Posted by David Blomstrom <da...@yahoo.com>.
I'd like to learn how to block certain visitors or
computers from my website. I remember reading that you
could do it with Apache - based on their IP number, I
believe.
Am I correct in stating that every computer has an IP
number? If so, how do I determine what my IP number
is?
Also, what tricks could a visitor use in beating the
block? In other words, imagine I had an online forum
that requires users to register with a username and
password. If I block a visitor (computer) with IP
number 007, that individual could still register if
s/he had a second computer with a different IP number,
right? Is there any way they can register with the
same computer - like through an "anonymizer" or
something? Are there ways they can hide or change
their IP numbers?
Thanks.
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Virtual Hosts - What am I doing wrong?
Posted by David Blomstrom <da...@yahoo.com>.
Oops...ignore that last post. I just made a dumb
mistake; I discovered that I inadvertently erased the
line NameVirtualHost 127.0.0.1:80
Everything's now back to normal. Thanks.
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Virtual Hosts - What am I doing wrong?
Posted by David Blomstrom <da...@yahoo.com>.
--- Tim Burden <Ti...@Burden.ca> wrote:
> No, I'm saying your vhosts are probably OK, but the
> reason your includes
> need to look that way is because of that line, which
> is extraneous.
>
> By the way you should never piddle with your
> superglobals like that.
* * * * * * * * * *
This all started when I was trying out ZendStudio. I
got some sort of error message that suggested I use
"constant" includes. I didn't know what it meant, so I
ask on some online forums, and people suggested I use
that particular include link, though several
variations of it were recommended.
Then they told me I had to set up virtual hosts to
make it work. Speaking of which, something just flaked
out. I wanted to return to my first virtual host
setting - which worked beautifully, except for those
PHP includes.
But I'm now getting all sorts of weird feedback.
Typing in http://rep5/ leads to a blank screen, or I
see the home page of sites/geobop whether I type in
http://geobop, http://rep5 or http://geozoo Sometimes,
if I click on one of my links to a site - say geozoo,
it seems to "adopt" that site, so that if I later
click on the link to geoworld, I get
http://geozoo/geoworld
I'm thoroughly confused.
Again, here are the relevant paths:
C:/xampp/apache/
C:/xampp/htdocs/
C:/sites/[my websites]
Here's what I have in my HOSTS file:
# 102.54.94.97 rhino.acme.com #
source server
# 38.25.63.10 x.acme.com # x
client host
127.0.0.1 localhost
127.0.0.1 geobop
127.0.0.1 geowebworks
127.0.0.1 geoworld
127.0.0.1 geozoo
127.0.0.1 geosymbols
127.0.0.1 politix
127.0.0.1 geoworldNA
127.0.0.1 geoworldSA
127.0.0.1 geoworldEurasia
127.0.0.1 geoworldMideast
127.0.0.1 geoworldAfrica
127.0.0.1 geoworldAus
127.0.0.1 geoworldAnt
127.0.0.1 geoworldOceanus
127.0.0.1 geozoo
127.0.0.1 geozooBirds
127.0.0.1 geozooMammals
127.0.0.1 geobopcom
127.0.0.1 rep5
127.0.0.1 jail4bush
127.0.0.1 freedomware
127.0.0.1 edrevolt
127.0.0.1 seaschools
127.0.0.1 seattleschooldistrict
127.0.0.1 glasspalace
127.0.0.1 johnstanford
127.0.0.1 govwa
127.0.0.1 vmak
127.0.0.1 bergeson
And here's what I have in my conf file:
#<VirtualHost *>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log
common
#</VirtualHost>
<VirtualHost 127.0.0.1>
ServerAdmin admin@localhost
DocumentRoot "c:/sites"
ServerName localhost
ErrorLog logs/localhost_error.log
CustomLog logs/localhost_access.log common
</VirtualHost>
<VirtualHost 127.0.0.1>
ServerAdmin webmaster@geobop
DocumentRoot "c:/sites/geobop"
ServerName geobop
ServerAlias *.geobop
ErrorLog logs/geobop-error.log
ScriptAlias /cgi-bin/ "c:/sites/geobop/cgi-bin/"
<Directory "c:/sites/geobop">
Options All Includes Indexes
</Directory>
</VirtualHost>
[Followed by all my other websites.]
I also tried it without the first block of code...
<VirtualHost 127.0.0.1>
ServerAdmin admin@localhost
DocumentRoot "c:/sites"
ServerName localhost
ErrorLog logs/localhost_error.log
CustomLog logs/localhost_access.log common
</VirtualHost>
but that didn't work, either. I can't figure out what
I did wrong.
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Virtual Hosts - What am I doing wrong?
Posted by Tim Burden <Ti...@Burden.ca>.
No, I'm saying your vhosts are probably OK, but the reason your includes
need to look that way is because of that line, which is extraneous.
By the way you should never piddle with your superglobals like that.
----- Original Message -----
From: "David Blomstrom" <da...@yahoo.com>
To: <us...@httpd.apache.org>
Sent: Tuesday, June 08, 2004 7:29 PM
Subject: Re: [users@httpd] Virtual Hosts - What am I doing wrong?
> --- Tim Burden <Ti...@Burden.ca> wrote:
> > What is the purpose of this line?
> > $_SERVER['DOCUMENT_ROOT'] .= '/freedomware';
> >
> > I'm pretty sure you just set your global to
> > c:/sites/freedomware/freedomware
> > and so it's no wonder you have to back up the tree a
> > notch.
>
> Are you saying my virtual hosts are OK, but there's a
> problem with my include link? I had a hard time
> figuring that one out; I was given several different
> variations from different people, some of which worked
> and others that didn't.
>
> Thanks.
>
>
>
>
> __________________________________
> Do you Yahoo!?
> Friends. Fun. Try the all-new Yahoo! Messenger.
> http://messenger.yahoo.com/
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Virtual Hosts - What am I doing wrong?
Posted by David Blomstrom <da...@yahoo.com>.
--- Tim Burden <Ti...@Burden.ca> wrote:
> What is the purpose of this line?
> $_SERVER['DOCUMENT_ROOT'] .= '/freedomware';
>
> I'm pretty sure you just set your global to
> c:/sites/freedomware/freedomware
> and so it's no wonder you have to back up the tree a
> notch.
Are you saying my virtual hosts are OK, but there's a
problem with my include link? I had a hard time
figuring that one out; I was given several different
variations from different people, some of which worked
and others that didn't.
Thanks.
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Virtual Hosts - What am I doing wrong?
Posted by Tim Burden <Ti...@Burden.ca>.
What is the purpose of this line?
$_SERVER['DOCUMENT_ROOT'] .= '/freedomware';
I'm pretty sure you just set your global to c:/sites/freedomware/freedomware
and so it's no wonder you have to back up the tree a notch.
----- Original Message -----
From: "David Blomstrom" <da...@yahoo.com>
To: <us...@httpd.apache.org>
Sent: Tuesday, June 08, 2004 7:06 PM
Subject: [users@httpd] Virtual Hosts - What am I doing wrong?
> I thought I had successfully set up virtual hosts, but
> it can't be right, because the php include links below
> won't work without the extra path segment (../):
>
> <?php
> $_SERVER['DOCUMENT_ROOT'] .= '/freedomware';
> include
> ($_SERVER['DOCUMENT_ROOT']."/../includes/head.php");
> ?>
> </head>
> <body>
> <?php include
> ($_SERVER['DOCUMENT_ROOT']."/../includes/top.php"); ?>
>
> The last line SHOULD read <?php include
> ($_SERVER['DOCUMENT_ROOT']."/includes/top.php"); ?>,
> right?
>
> But I can't figure out what I did wrong. Let's start
> with my set up. Below are all the relevant paths\
>
> C:/xampp/apache/
> C:/xampp/htdocs/
> C:/sites/mysites
>
> Below are the first few entries on my httpd conf file:
>
> <VirtualHost 127.0.0.1>
> ServerAdmin admin@localhost
> DocumentRoot "c:/sites"
> ServerName localhost
> ErrorLog logs/localhost_error.log
> CustomLog logs/localhost_access.log common
> </VirtualHost>
>
> <VirtualHost 127.0.0.1>
> ServerAdmin webmaster@1
> DocumentRoot "c:/sites/1"
> ServerName 1
> ServerAlias *.1
> ErrorLog logs/1-error.log
> ScriptAlias /cgi-bin/ "c:/sites/1/cgi-bin/"
> <Directory "c:/sites/1">
> Options All Includes Indexes
> </Directory>
> </VirtualHost>
>
> <VirtualHost 127.0.0.1>
> ServerAdmin webmaster@geobop
> DocumentRoot "c:/sites/geobop"
> ServerName geobop
> ServerAlias *.geobop
> ErrorLog logs/geobop-error.log
> ScriptAlias /cgi-bin/ "c:/sites/geobop/cgi-bin/"
> <Directory "c:/sites/geobop">
> Options All Includes Indexes
> </Directory>
> </VirtualHost>
>
> For some reason, c:/sites/1 doesn't work, but all my
> other sites work. For example, I can preview
> c:/sites/geobop at http://geobop/ But the include
> links require that extra ../
>
> It occurred to me that the first block of code might
> not belong, so I deleted it...
>
> <VirtualHost 127.0.0.1>
> ServerAdmin admin@localhost
> DocumentRoot "c:/sites"
> ServerName localhost
> ErrorLog logs/localhost_error.log
> CustomLog logs/localhost_access.log common
> </VirtualHost>
>
> Now, if I type in http://geobop/, http://freedomware/
> or any other site, I get a different page; it appears
> to be the index page in the folder sites.
>
> So what am I doing wrong? I don't mind include links
> with an extra ../. They appear to work both locally
> and online. I'm just concerned that I'll eventually
> run into trouble if they're incorrect.
>
> Thanks.
>
>
>
>
> __________________________________
> Do you Yahoo!?
> Friends. Fun. Try the all-new Yahoo! Messenger.
> http://messenger.yahoo.com/
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Virtual Hosts - What am I doing wrong?
Posted by David Blomstrom <da...@yahoo.com>.
I thought I had successfully set up virtual hosts, but
it can't be right, because the php include links below
won't work without the extra path segment (../):
<?php
$_SERVER['DOCUMENT_ROOT'] .= '/freedomware';
include
($_SERVER['DOCUMENT_ROOT']."/../includes/head.php");
?>
</head>
<body>
<?php include
($_SERVER['DOCUMENT_ROOT']."/../includes/top.php"); ?>
The last line SHOULD read <?php include
($_SERVER['DOCUMENT_ROOT']."/includes/top.php"); ?>,
right?
But I can't figure out what I did wrong. Let's start
with my set up. Below are all the relevant paths\
C:/xampp/apache/
C:/xampp/htdocs/
C:/sites/mysites
Below are the first few entries on my httpd conf file:
<VirtualHost 127.0.0.1>
ServerAdmin admin@localhost
DocumentRoot "c:/sites"
ServerName localhost
ErrorLog logs/localhost_error.log
CustomLog logs/localhost_access.log common
</VirtualHost>
<VirtualHost 127.0.0.1>
ServerAdmin webmaster@1
DocumentRoot "c:/sites/1"
ServerName 1
ServerAlias *.1
ErrorLog logs/1-error.log
ScriptAlias /cgi-bin/ "c:/sites/1/cgi-bin/"
<Directory "c:/sites/1">
Options All Includes Indexes
</Directory>
</VirtualHost>
<VirtualHost 127.0.0.1>
ServerAdmin webmaster@geobop
DocumentRoot "c:/sites/geobop"
ServerName geobop
ServerAlias *.geobop
ErrorLog logs/geobop-error.log
ScriptAlias /cgi-bin/ "c:/sites/geobop/cgi-bin/"
<Directory "c:/sites/geobop">
Options All Includes Indexes
</Directory>
</VirtualHost>
For some reason, c:/sites/1 doesn't work, but all my
other sites work. For example, I can preview
c:/sites/geobop at http://geobop/ But the include
links require that extra ../
It occurred to me that the first block of code might
not belong, so I deleted it...
<VirtualHost 127.0.0.1>
ServerAdmin admin@localhost
DocumentRoot "c:/sites"
ServerName localhost
ErrorLog logs/localhost_error.log
CustomLog logs/localhost_access.log common
</VirtualHost>
Now, if I type in http://geobop/, http://freedomware/
or any other site, I get a different page; it appears
to be the index page in the folder sites.
So what am I doing wrong? I don't mind include links
with an extra ../. They appear to work both locally
and online. I'm just concerned that I'll eventually
run into trouble if they're incorrect.
Thanks.
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by Robert Andersson <ro...@profundis.nu>.
Barth (John) Jones wrote:
> How do I automate new users to allow them access to .htaccess
> protected pages when they enter their user info (i.e., when they sign up
as'
> a user via a form)?
[I'm soory to admit I'm not sober when writing this, sorry...]
Perl or PHP is a good choice; I'm using both for that exact purpose. Just
collect the username and password and then invoke htpasswd from the
language's system() function to do the actual adding of the user; that is
better than to try to manually add the user.
Deleting users is more tricky; I don't know a better way than to "manually"
filter the password file.
If you're not a coding guru, you might want to search for stufff doing this
(I'm sure there is plenty).
Regards,
Robert Andersson
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by "Barth (John) Jones" <mu...@alltel.net>.
Actually that was an incomplete message that shouldn't have sent. I'ts not
even in my sent folder?
I figured it all out from your reply. But now I have another Q.
How do I automate new users to allow them access to .htaccess protected
pages when they enter their user info (i.e., when they sign up as a user via
a form)?
I just want to be able to use a form to take a new username & password
(confirmed with a duplicate entry), have Perl put it in my password file and
allow the user to login at that point. Is this possible?
Much Thanks.
----- Original Message -----
From: "Robert Andersson" <ro...@profundis.nu>
To: <us...@httpd.apache.org>
Sent: Tuesday, June 08, 2004 10:52 AM
Subject: Re: [users@httpd] authentication
> Barth (John) Jones wrote:
> > Not quite sure what you mean. Delete which directory?
>
> Are you refering to this:
>
> > > If you want 'passwords' to be the file, delete the directory with that
> > > name, and then do:
> > >
> > > > htpasswd -c ../password/passwords enterhere
>
> I mean that, if "c:/apache2triad/password/passwords" is a *directory*, you
> need to delete it first in order to create a *file* with that same name.
>
> To avoid confusion with file paths, try to first cd into the directory
where
> you want the password file to be created, then call htpasswd (you will
need
> the full path to it) with just the file name. Eg:
>
> c:/apache2triad/bin> cd ..
> c:/apache2triad> cd password
> c:/apache2triad/password> ../bin/htpasswd -c users username
>
> That should create a password file called 'users'.
>
> Regards,
> Robert Andersson.
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by Robert Andersson <ro...@profundis.nu>.
Barth (John) Jones wrote:
> Not quite sure what you mean. Delete which directory?
Are you refering to this:
> > If you want 'passwords' to be the file, delete the directory with that
> > name, and then do:
> >
> > > htpasswd -c ../password/passwords enterhere
I mean that, if "c:/apache2triad/password/passwords" is a *directory*, you
need to delete it first in order to create a *file* with that same name.
To avoid confusion with file paths, try to first cd into the directory where
you want the password file to be created, then call htpasswd (you will need
the full path to it) with just the file name. Eg:
c:/apache2triad/bin> cd ..
c:/apache2triad> cd password
c:/apache2triad/password> ../bin/htpasswd -c users username
That should create a password file called 'users'.
Regards,
Robert Andersson.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by "Barth (John) Jones" <mu...@alltel.net>.
Thanks Rob. You're the guru!
Not quite sure what you mean. Delete which directory?
----- Original Message -----
From: "Robert Andersson" <ro...@profundis.nu>
To: <us...@httpd.apache.org>
Sent: Tuesday, June 08, 2004 10:12 AM
Subject: Re: [users@httpd] authentication
> Barth (John) Jones wrote:
> > The Apache instruction for creating your main pword file follows:
>
> Thank you, I had no idea ;)
>
> > Here's the line again:
>
> Not again, *finally*.
>
> > c:/apache2triad/bin> htpasswd -c c:/apache2triad/password/passwords
> > enterhere
>
> I thought you said both 'password' and 'passwords' were directories. You
are
> telling htpasswd to create a password file with the same name as an
existing
> directory. Not that strange it won't work. Assuming that those are
> directories and 'enterhere' is the username you want, you could do (while
> being in the bin directory):
>
> > htpasswd -c ../password/passwords/users enterhere
>
> If you want 'passwords' to be the file, delete the directory with that
name,
> and then do:
>
> > htpasswd -c ../password/passwords enterhere
>
> Regards,
> Robert Andersson
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by Robert Andersson <ro...@profundis.nu>.
Barth (John) Jones wrote:
> The Apache instruction for creating your main pword file follows:
Thank you, I had no idea ;)
> Here's the line again:
Not again, *finally*.
> c:/apache2triad/bin> htpasswd -c c:/apache2triad/password/passwords
> enterhere
I thought you said both 'password' and 'passwords' were directories. You are
telling htpasswd to create a password file with the same name as an existing
directory. Not that strange it won't work. Assuming that those are
directories and 'enterhere' is the username you want, you could do (while
being in the bin directory):
> htpasswd -c ../password/passwords/users enterhere
If you want 'passwords' to be the file, delete the directory with that name,
and then do:
> htpasswd -c ../password/passwords enterhere
Regards,
Robert Andersson
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by "Barth (John) Jones" <mu...@alltel.net>.
R. Andersson wrote:
> That does not make sense. The first argument (after -c) should be the
> filename. It is hard to tell, please show the *EXACT* command line (I
really
> hope it didn't look like that). As the error said, the problem is that it
> cannot create the file, probably beacuse the path is incorrect.
>
> It is probably also wise to have include the drive letter in the path, eg:
> "c:/password/passwords/file".
The Apache instruction for creating your main pword file follows:
To create the file, use the htpasswd utility that came with Apache. This be
located in the bin directory of wherever you installed Apache. To create the
file, type:
htpasswd -c /usr/local/apache/passwd/passwords rbowen
htpasswd will ask you for the password, and then ask you to type it again to
confirm it.
https://bama.ua.edu/manual/howto/auth.html
-----------------
Also I tried the full path even though I have the alias in the httpd.config
file and it still returned the MD5 message.
Here's the line again:
c:/apache2triad/bin> htpasswd -c c:/apache2triad/password/passwords
enterhere
Any answers or suggestions are appreciated
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by Robert Andersson <ro...@profundis.nu>.
Barth (John) Jones wrote:
> To invoke the command in WindowsDOS I just type (at c:/apache2triad/bin>)
> htpasswd -c /password/passwords [filename]. I created the two
directories:
> pasword and passwords myself.
That does not make sense. The first argument (after -c) should be the
filename. It is hard to tell, please show the *EXACT* command line (I really
hope it didn't look like that). As the error said, the problem is that it
cannot create the file, probably beacuse the path is incorrect.
It is probably also wise to have include the drive letter in the path, eg:
"c:/password/passwords/file".
Regards,
Robert Andersson
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by "Barth (John) Jones" <mu...@alltel.net>.
Robert Andersson wrote:
> htpasswd is a stand-alone program, so your Apache configuration is
> irrelevant to this error. Please show how and where you try to invoke the
> command (which working directory, and EXACT command line (you may obscure
> any password)). Also, does the password file you are attempting to create
> already exist before running the command?
To invoke the command in WindowsDOS I just type (at c:/apache2triad/bin>)
htpasswd -c /password/passwords [filename]. I created the two directories:
pasword and passwords myself.
Thanks
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] authentication
Posted by Robert Andersson <ro...@profundis.nu>.
[plain text!]
Barth (John) Jones wrote:
> So my problem is that every time I try to create my main password
> authentication file using the "htpasswd" program distributed with Apache
> for this purpose, I get the following error:
>
> "Automatically using MD5 format. htpasswd cannot create file . . ."
htpasswd is a stand-alone program, so your Apache configuration is
irrelevant to this error. Please show how and where you try to invoke the
command (which working directory, and EXACT command line (you may obscure
any password)). Also, does the password file you are attempting to create
already exist before running the command?
Regards,
Robert Andersson
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org