Apache Permission Denied Error can be caused due to one of many configuration mistakes listed below
Check the apache configuration settings
i) The first is the reference to folder where cgi or perl files will reside and its execute permission settings
<ScriptAlias /cgi-bin/ /usr/local/cgi-bin/> <Directory "/usr/local/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory>
ii) The second is the proper add handlers that are set for the file execution
AddHandler cgi-script .cgi .pl <Files ~ "\.pl$"> Options +ExecCGI </Files> <Files ~ "\.cgi$"> Options +ExecCGI </Files>
Check the apache error log for any messages (/var/log/apache2/error.log).
It is often advisable not to disclose information than is necessary when web request are made to Apache server.
By default, Apache displays the version of the server, modules loaded in the server and the version of PHP if PHP is configured with Apache.
In httpd.conf file, set the following directives.
By default, ServerSignature is set to Off and ServerTokens is set to Full in most Linux distros.
If you are to setup CakePHP in a virtual hosting environment, we need to ensure that the DocumentRoot is setup correctly. Based on the experience I have had I thought to list down the virtual host setting and cakephp .htaccess setting files.
root@myserver:/etc/apache2/conf.d# cat vhosts.conf
(Note that there is no ending forward slash after /var/www/cakeapp. If there had been one, it might cause a problem if the /var/www/cakeapp/app/config/routes.php is not configured correctly indicating a never ending loop in resolving domain name)
root@myserver:/etc/apache2/conf.d# cat /var/www/cakeapp/.htaccess
RewriteRule ^$ app/webroot/ [L] RewriteRule (.*) app/webroot/$1 [L] </IfModule>
Virtual Hosting in Ubuntu Hardy Heron: Case Example
Consider the case of two domain names mysite1 and site2 to be served on IP Address 192.168.1.100 (port 80)
Before proceeding let us look at how resolv.conf and hosts file are set up …
$ cat /etc/resolv.conf
$ cat /etc/hosts
192.168.1.100 myserver.kurinchilion.com myserver
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
What is Virtual Hosting?
Virtual Hosting is a technique by which web servers can serve more than one domain name on the same server. It can also be a variation of serving different sites on the same IP but on different ports.
List of steps to take care when using PHP to upload images or documents
i) use is_uploaded() function to check if the file is uploaded before moving the file from temporary location
ii) sanitize the name of the file before moving the file from the temporary location by executing the ‘mv’ system command (use escapeshellargs, escapeshellcmd as needed)
iii) chmod the file setting to 644 if needed
iv) the directory from where the file will be moved and the destination directory should be initialized beforehand in order to prevent users from altering the path where the files could be stored
How to set the default shell?
If you want to set a shell as a the default for all users you can set the SHELL variable
$ sudo vi ~/.bashrc
To change the default shell for a specific user you can either use the following command
$ usermod -s /path/to/shell user_a
or, set the shell in the /etc/passwd file by changing the last column which represents the default shell for that user
Read more about the Linux shell
I thought to mention a few errors beginners into CakePHP might come across when configuring CakePHP and how to resolve
Notice: this error is being rendered by the app/views/errors/missing_table.thtml view file, a user-customizable error page.
This error occurs when the database is not configured in cakePhp. First create a database in MySQL or the database of your choice. Go to /app/config/ and make a copy of database.php.default and rename it to database.php. Open database.php and give the necessary settings of the new database created with the associated login credentials. Once that is done, refresh the page and see if that error is now resolved.
.htaccess – Purpose, Considerations
.htaccess is a hidden file in the web server which comes in handy when the sites are hosted in shared environment.
Slight hit to performance takes place when .htaccess directive is set as Apache checks each directory for its existence before any file access in that directory
Next consideration will be with regards how the site owners manage the setting changes and its security which can be misused.