Bug Deny/Allow wird nicht beachtet

JFF

New Member
#1
Hi,

ich habe phpmyadmin installiert und in der /etc/apache2/conf.d/phpmyadmin.conf den Zugriff mit

Code:
Alias /phpmyadmin /usr/share/phpmyadmin

<Directory /usr/share/phpmyadmin>
        Options FollowSymLinks
        DirectoryIndex index.php

        Order Deny,Allow
        Deny from all
        # allow from 127.0.0.0/255.0.0.0 ::1/128
        Allow from 127.0.0.0/255.0.0.0 XX.XX.XX.0/24 ::1/128
[...]
auf localhost und ein VPN gelegt.

Der Zugriff über Server-IP geht jedoch immer noch.

In other_vhosts_access.log wird geloggt (XX.XX.XX.XX = ServerIP):

Code:
domain.tld:80 XX.XX.XX.XX - - [17/Oct/2013:12:51:38 +0200] "GET /phpmyadmin/themes/pmahomme/img/marked_bg.png HTTP/1.1" 304 187 "http://XX.XX.XX.XX/phpmyadmin/phpmyadmin.css.php?server=1&token=49c031f3b62e25648c40791024a494b2&js_frame=right&nocache=5476310917" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"
In ISPConfig ist die domain.tld die erste in der Liste. Eigentlich sollte das doch in der access.log stehen?

In der entsprechenden vhost-Konfiguration steht:


siehe nächster Post:
 

JFF

New Member
#2
In der entsprechenden vhost-Konfiguration steht:

Code:
<Directory /var/www/domain.tld>
                AllowOverride None
                Order Deny,Allow
                Deny from all
</Directory>

<VirtualHost XX.XX.XX.XX:80>
                                        DocumentRoot /var/www/domain.tld/web

                ServerName domain.tld
                ServerAlias www.domain.tld
                ServerAdmin webmaster@domain.tld

                ErrorLog /var/log/ispconfig/httpd/domain.tld/error.log

                Alias /error/ "/var/www/domain.tld/web/error/"
                ErrorDocument 400 /error/400.html
                ErrorDocument 401 /error/401.html
                ErrorDocument 403 /error/403.html
                ErrorDocument 404 /error/404.html
                ErrorDocument 405 /error/405.html
                ErrorDocument 500 /error/500.html
                ErrorDocument 502 /error/502.html
                ErrorDocument 503 /error/503.html

                <IfModule mod_ssl.c>
                </IfModule>

                <Directory /var/www/domain.tld/web>
                                Options FollowSymLinks
                                AllowOverride All
                                Order allow,deny
                                Allow from all

                                # ssi enabled
                                AddType text/html .shtml
                                AddOutputFilter INCLUDES .shtml
                                Options +Includes
                </Directory>
                <Directory /var/www/clients/client1/web2/web>
                                Options FollowSymLinks
                                AllowOverride All
                                Order allow,deny
                                Allow from all

                                # ssi enabled
                                AddType text/html .shtml
                                AddOutputFilter INCLUDES .shtml
                                Options +Includes
                </Directory>

                <IfModule mod_ruby.c>
                        <Directory /var/www/domain.tld/web>
                                Options +ExecCGI
                        </Directory>
                        RubyRequire apache/ruby-run
                        #RubySafeLevel 0
                        AddType text/html .rb
                        AddType text/html .rbx
                        <Files *.rb>
                                SetHandler ruby-object
                                RubyHandler Apache::RubyRun.instance
                        </Files>
                        <Files *.rbx>
                                SetHandler ruby-object
                                RubyHandler Apache::RubyRun.instance
                        </Files>
                </IfModule>

                <IfModule mod_perl.c>
                        PerlModule ModPerl::Registry
                        PerlModule Apache2::Reload
                        <Directory /var/www/domain.tld/web>
                                PerlResponseHandler ModPerl::Registry
                                PerlOptions +ParseHeaders
                                Options +ExecCGI
                        </Directory>
            <Files *.pl>
                                SetHandler perl-script
            </Files>
                </IfModule>

                <IfModule mod_python.c>
                        <Directory /var/www/domain.tld/web>
                                AddHandler mod_python .py
                                PythonHandler mod_python.publisher
                                PythonDebug On
                        </Directory>
                </IfModule>

                # cgi enabled
        <Directory /var/www/clients/client1/web2/cgi-bin>
                        Order allow,deny
                        Allow from all
                </Directory>
                ScriptAlias  /cgi-bin/ /var/www/clients/client1/web2/cgi-bin/
                AddHandler cgi-script .cgi
                AddHandler cgi-script .pl
                # suexec enabled
                <IfModule mod_suexec.c>
                        SuexecUserGroup web2 client1
                </IfModule>
                # Clear PHP settings of this website
                <FilesMatch "\.ph(p3?|tml)$">
                                SetHandler None
                </FilesMatch>
                # php as fast-cgi enabled
        # For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
                <IfModule mod_fcgid.c>
                                IdleTimeout 300
                                ProcessLifeTime 3600
                                # MaxProcessCount 1000
                                DefaultMinClassProcessCount 0
                                DefaultMaxClassProcessCount 100
                                IPCConnectTimeout 3
                                IPCCommTimeout 360
                                BusyTimeout 300
                </IfModule>
                <Directory /var/www/domain.tld/web>
                                AddHandler fcgid-script .php .php3 .php4 .php5
                                FCGIWrapper /var/www/php-fcgi-scripts/web2/.php-fcgi-starter .php
                                Options +ExecCGI
                                AllowOverride All
                                Order allow,deny
                                Allow from all
                </Directory>
                <Directory /var/www/clients/client1/web2/web>
                                AddHandler fcgid-script .php .php3 .php4 .php5
                                FCGIWrapper /var/www/php-fcgi-scripts/web2/.php-fcgi-starter .php
                                Options +ExecCGI
                                AllowOverride All
                                Order allow,deny
                                Allow from all
                </Directory>


                # add support for apache mpm_itk
                <IfModule mpm_itk_module>
                        AssignUserId web2 client1
                </IfModule>

                <IfModule mod_dav_fs.c>
                # Do not execute PHP files in webdav directory
                        <Directory /var/www/clients/client1/web2/webdav>
                                <ifModule mod_security2.c>
                                        SecRuleRemoveById 960015
                                        SecRuleRemoveById 960032
                                </ifModule>
                                <FilesMatch "\.ph(p3?|tml)$">
                                        SetHandler None
                                </FilesMatch>
                        </Directory>
                        DavLockDB /var/www/clients/client1/web2/tmp/DavLock
                        # DO NOT REMOVE THE COMMENTS!
                        # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN
                        # WEBDAV END
                </IfModule>


</VirtualHost>

[...]
Any hints?

Jörg
 
Zuletzt bearbeitet:

Werbung

Top