apache e immagini

15 risposte [Ultimo contenuto]
Ritratto di robarm
robarm
(Junior)
Offline
Junior
Iscritto: 05/06/2005
Messaggi: 36

ho installa to apache e php4 con apt-get.
tutto ok.
ho creato in /var/www un file test.php con phpinfo() e dall'esterno (sto provando da lavoro in ssh) riesco a vedere il mio webserver privato.
Perfetto.
Allora creo una directory images, ci metto dentro un'immagine e provo a caricarla in una pagina php.
Non ho altro, solo <img src...."
Però non mi fa vedere l'immagine.
Allora cambio i permessi dell'immagine e della cartella images mettendo chmod 770 e chown www-data:www-data
Niente da fare. non mi mostra l'immagine.
Allora sposto l'immagine in /var/www dove c'è anche il file index.php
cambio il percorso del tag html e funziona.
ora, perchè sotto la cartella images non mi funziona ?
Dove sbaglio ?

Ritratto di lucadj
lucadj
(Geek)
Offline
Geek
Iscritto: 24/03/2005
Messaggi: 66

come hai creato la cartella??

matti i permessi della cartella images, identici a quelli delle altre cartelle che trovi li dentro, e comunque identici alla cartalla /var/www/html

Laughing

Il termine Hacker
Gli hacker sono delle persone dedicate all'elevato ideale di rendere la tecnologia accessibile a tutti, persone dedite al culto della bellezza e decise ad aiutare gli altri grazie alla potenza tecnologica.
www.lucaporcu.com

Ritratto di robarm
robarm
(Junior)
Offline
Junior
Iscritto: 05/06/2005
Messaggi: 36

fatto, ma niente da fare.
sotto /var/www ho solo la cartella images e index.php
sotto la cartella images la mia immagine.
tutti i file e le cartelle hanno chmod 770 proprietario www-data gruppo www-data.
però non mi funziona. Sad

Ritratto di blackgrizzly
blackgrizzly
(Geek)
Offline
Geek
Iscritto: 16/05/2005
Messaggi: 117

Apache gira come utente www-data?

Prova chmod 777 per curiosità...

***********************************
Registered User Linux 277234
***********************************

...."Have you mooed today?"...

Ritratto di robarm
robarm
(Junior)
Offline
Junior
Iscritto: 05/06/2005
Messaggi: 36

come faccio a vedere se apache gira con utente www-data ?
con chmod 777 ho provato ma nisba, stessa cosa.
se l'immagine è in /var/www funziona, altrimenti no...

Ritratto di lucadj
lucadj
(Geek)
Offline
Geek
Iscritto: 24/03/2005
Messaggi: 66

Quote:

robarm ha scritto:
come faccio a vedere se apache gira con utente www-data ?
con chmod 777 ho provato ma nisba, stessa cosa.
se l'immagine è in /var/www funziona, altrimenti no...

ps -axu | grep httpd

il primo è l'utente che lo fa girare!!

ps posti il file /etc/httpd/conf/httpd.conf
comunque il file di configurazione di apache!!!

Il termine Hacker
Gli hacker sono delle persone dedicate all'elevato ideale di rendere la tecnologia accessibile a tutti, persone dedite al culto della bellezza e decise ad aiutare gli altri grazie alla potenza tecnologica.
www.lucaporcu.com

Ritratto di robarm
robarm
(Junior)
Offline
Junior
Iscritto: 05/06/2005
Messaggi: 36

non ho il processo httpd, ma se può essere utile:
<br />root      8184  0.0  0.8  11052  4500 pts/0    S    08:43   0:00 /usr/sbin/apache<br />www-data 30588  0.0  0.9  11188  4768 pts/0    S    10:48   0:00 /usr/sbin/apache<br />www-data 30589  0.0  0.8  11052  4520 pts/0    S    10:48   0:00 /usr/sbin/apache<br />www-data 30590  0.0  0.8  11052  4520 pts/0    S    10:48   0:00 /usr/sbin/apache<br />www-data 30591  0.0  0.8  11052  4520 pts/0    S    10:48   0:00 /usr/sbin/apache<br />www-data 30592  0.0  0.8  11052  4520 pts/0    S    10:48   0:00 /usr/sbin/apache<br />www-data 30594  0.0  0.8  11052  4520 pts/0    S    10:48   0:00 /usr/sbin/apache<br />root     30839  0.0  0.1   2044   784 pts/3    S+   10:50   0:00 grep apache<br />

e il mio httpd.conf
<br />##<br />## httpd.conf -- Apache HTTP server configuration file<br />##<br /><br />#<br /># Based upon the NCSA server configuration files originally by Rob McCool.<br />#<br /># This is the main Apache server configuration file.  It contains the<br /># configuration directives that give the server its instructions.<br /># See &lt;URL:http://www.apache.org/docs/&gt; for detailed information about<br /># the directives.<br />#<br /># Do NOT simply read the instructions in here without understanding<br /># what they do.  They&#039;re here only as hints or reminders.  If you are unsure<br /># consult the online docs. You have been warned.  <br />#<br /># After this file is processed, the server will look for and process<br /># /etc/apache/srm.conf and then /etc/apache/access.conf<br /># unless you have overridden these with ResourceConfig and/or<br /># AccessConfig directives here.<br />#<br /># The configuration directives are grouped into three basic sections:<br />#  1. Directives that control the operation of the Apache server process as a<br />#     whole (the &#039;global environment&#039;).<br />#  2. Directives that define the parameters of the &#039;main&#039; or &#039;default&#039; server,<br />#     which responds to requests that aren&#039;t handled by a virtual host.<br />#     These directives also provide default values for the settings<br />#     of all virtual hosts.<br />#  3. Settings for virtual hosts, which allow Web requests to be sent to<br />#     different IP addresses or hostnames and have them handled by the<br />#     same Apache server process.<br />#<br /># Configuration and logfile names: If the filenames you specify for many<br /># of the server&#039;s control files begin with &quot;/&quot; (or &quot;drive:/&quot; for Win32), the<br /># server will use that explicit path.  If the filenames do *not* begin<br /># with &quot;/&quot;, the value of ServerRoot is prepended -- so &quot;logs/foo.log&quot;<br /># with ServerRoot set to &quot;/usr/local/apache&quot; will be interpreted by the<br /># server as &quot;/usr/local/apache/logs/foo.log&quot;.<br />#<br /><br />### Section 1: Global Environment<br />#<br /># The directives in this section affect the overall operation of Apache,<br /># such as the number of concurrent requests it can handle or where it<br /># can find its configuration files.<br />#<br /><br />#<br /># ServerType is either inetd, or standalone.  Inetd mode is only supported on<br /># Unix platforms.<br />#<br />ServerType standalone<br /><br />#<br /># ServerRoot: The top of the directory tree under which the server&#039;s<br /># configuration, error, and log files are kept, unless they are specified<br /># with an absolute path.<br />#<br /># NOTE!  If you intend to place this on an NFS (or otherwise network)<br /># mounted filesystem then please read the LockFile documentation<br /># (available at &lt;URL:http://www.apache.org/docs/mod/core.html#lockfile&gt;);<br /># you will save yourself a lot of trouble.<br />#<br /># Do NOT add a slash at the end of the directory path.<br />#<br />ServerRoot /etc/apache<br /><br />#<br /># The LockFile directive sets the path to the lockfile used when Apache<br /># is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or<br /># USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at<br /># its default value. The main reason for changing it is if the logs<br /># directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL<br /># DISK. The PID of the main server process is automatically appended to<br /># the filename. <br />#<br />LockFile /var/lock/apache.lock<br /><br />#<br /># PidFile: The file in which the server should record its process<br /># identification number when it starts.<br />#<br />PidFile /var/run/apache.pid<br /><br />#<br /># ScoreBoardFile: File used to store internal server process information.<br /># Not all architectures require this.  But if yours does (you&#039;ll know because<br /># this file will be  created when you run Apache) then you *must* ensure that<br /># no two invocations of Apache share the same scoreboard file.<br />#<br />ScoreBoardFile /var/run/apache.scoreboard<br /><br />#<br /># In the standard configuration, the server will process this file,<br /># srm.conf, and access.conf in that order.  The latter two files are<br /># now distributed empty, as it is recommended that all directives<br /># be kept in a single file for simplicity.  The commented-out values<br /># below are the built-in defaults.  You can have the server ignore<br /># these files altogether by using &quot;/dev/null&quot; (for Unix) or<br /># &quot;nul&quot; (for Win32) for the arguments to the directives.<br />#<br />#ResourceConfig /etc/apache/srm.conf<br />#AccessConfig /etc/apache/access.conf<br /><br />#<br /># Timeout: The number of seconds before receives and sends time out.<br />#<br />Timeout 300<br /><br />#<br /># KeepAlive: Whether or not to allow persistent connections (more than<br /># one request per connection). Set to &quot;Off&quot; to deactivate.<br />#<br />KeepAlive On<br /><br />#<br /># MaxKeepAliveRequests: The maximum number of requests to allow<br /># during a persistent connection. Set to 0 to allow an unlimited amount.<br /># We recommend you leave this number high, for maximum performance.<br />#<br />MaxKeepAliveRequests 100<br /><br />#<br /># KeepAliveTimeout: Number of seconds to wait for the next request from the<br /># same client on the same connection.<br />#<br />KeepAliveTimeout 15<br /><br />#<br /># Server-pool size regulation.  Rather than making you guess how many<br /># server processes you need, Apache dynamically adapts to the load it<br /># sees --- that is, it tries to maintain enough server processes to<br /># handle the current load, plus a few spare servers to handle transient<br /># load spikes (e.g., multiple simultaneous requests from a single<br /># Netscape browser).<br />#<br /># It does this by periodically checking how many servers are waiting<br /># for a request.  If there are fewer than MinSpareServers, it creates<br /># a new spare.  If there are more than MaxSpareServers, some of the<br /># spares die off.  The default values are probably OK for most sites.<br />#<br />MinSpareServers 5<br />MaxSpareServers 10<br /><br />#<br /># Number of servers to start initially --- should be a reasonable ballpark<br /># figure.<br />#<br />StartServers 5<br /><br />#<br /># Limit on total number of servers running, i.e., limit on the number<br /># of clients who can simultaneously connect --- if this limit is ever<br /># reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.<br /># It is intended mainly as a brake to keep a runaway server from taking<br /># the system with it as it spirals down...<br />#<br />MaxClients 150<br /><br />#<br /># MaxRequestsPerChild: the number of requests each child process is<br /># allowed to process before the child dies.  The child will exit so<br /># as to avoid problems after prolonged use when Apache (and maybe the<br /># libraries it uses) leak memory or other resources.  On most systems, this<br /># isn&#039;t really needed, but a few (such as Solaris) do have notable leaks<br /># in the libraries. For these platforms, set to something like 10000<br /># or so; a setting of 0 means unlimited.<br />#<br /># NOTE: This value does not include keepalive requests after the initial<br />#       request per connection. For example, if a child process handles<br />#       an initial request and 10 subsequent &quot;keptalive&quot; requests, it<br />#       would only count as 1 request towards this limit.<br />#<br />MaxRequestsPerChild 100<br /><br />#<br /># Listen: Allows you to bind Apache to specific IP addresses and/or<br /># ports, in addition to the default. See also the &lt;VirtualHost&gt;<br /># directive.<br />#<br />#Listen 3000<br />#Listen 12.34.56.78:80<br /><br />#<br /># BindAddress: You can support virtual hosts with this option. This directive<br /># is used to tell the server which IP address to listen to. It can either<br /># contain &quot;*&quot;, an IP address, or a fully qualified Internet domain name.<br /># See also the &lt;VirtualHost&gt; and Listen directives.<br />#<br />#BindAddress *<br /><br />#<br /># Dynamic Shared Object (DSO) Support<br />#<br /># To be able to use the functionality of a module which was built as a DSO you<br /># have to place corresponding `LoadModule&#039; lines at this location so the<br /># directives contained in it are actually available _before_ they are used.<br /># Please read the file README.DSO in the Apache 1.3 distribution for more<br /># details about the DSO mechanism and run `apache -l&#039; for the list of already<br /># built-in (statically linked and thus always available) modules in your apache<br /># binary.<br />#<br /># Please keep this LoadModule: line here, it is needed for installation.<br />Include /etc/apache/modules.conf<br /><br />#<br /># ExtendedStatus: controls whether Apache will generate &quot;full&quot; status<br /># information (ExtendedStatus On) or just basic information (ExtendedStatus<br /># Off) when the &quot;server-status&quot; handler is called. The default is Off.<br />#<br />&lt;IfModule mod_status.c&gt;<br />  ExtendedStatus On<br />&lt;/IfModule&gt;<br /><br />### Section 2: &#039;Main&#039; server configuration<br />#<br /># The directives in this section set up the values used by the &#039;main&#039;<br /># server, which responds to any requests that aren&#039;t handled by a<br /># &lt;VirtualHost&gt; definition.  These values also provide defaults for<br /># any &lt;VirtualHost&gt; containers you may define later in the file.<br />#<br /># All of these directives may appear inside &lt;VirtualHost&gt; containers,<br /># in which case these default settings will be overridden for the<br /># virtual host being defined.<br />#<br /><br />#<br /># If your ServerType directive (set earlier in the &#039;Global Environment&#039;<br /># section) is set to &quot;inetd&quot;, the next few directives don&#039;t have any<br /># effect since their settings are defined by the inetd configuration.<br /># Skip ahead to the ServerAdmin directive.<br />#<br /><br />#<br /># Port: The port to which the standalone server listens. For<br /># ports &lt; 1023, you will need apache to be run as root initially.<br />#<br />Port 80<br /><br />#<br /># If you wish apache to run as a different user or group, you must run<br /># apacheas root initially and it will switch.  <br />#<br /># User/Group: The name (or #number) of the user/group to run apache as.<br />#  . On SCO (ODT 3) use &quot;User nouser&quot; and &quot;Group nogroup&quot;.<br />#  . On HPUX you may not be able to use shared memory as nobody, and the<br />#    suggested workaround is to create a user www and use that user.<br />#  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)<br />#  when the value of (unsigned)Group is above 60000; <br />#  don&#039;t use Group nobody on these systems!<br />#<br />User www-data<br />Group www-data<br /><br />#<br /># ServerAdmin: Your address, where problems with the server should be<br /># e-mailed.  This address appears on some server-generated pages, such<br /># as error documents.<br />#<br />ServerAdmin webmaster@localhost<br /><br />#<br /># ServerName: allows you to set a host name which is sent back to clients for<br /># your server if it&#039;s different than the one the program would get (i.e., use<br /># &quot;www&quot; instead of the host&#039;s real name).<br />#<br /># Note: You cannot just invent host names and hope they work. The name you <br /># define here must be a valid DNS name for your host. If you don&#039;t understand<br /># this, ask your network administrator.<br /># If your host doesn&#039;t have a registered DNS name, enter its IP address here.<br /># You will have to access it by its address (e.g., http://123.45.67.89/)<br /># anyway, and this will make redirections work in a sensible way.<br />ServerName localhost<br />#<br />#ServerName new.host.name<br /><br />#<br /># DocumentRoot: The directory out of which you will serve your<br /># documents. By default, all requests are taken from this directory, but<br /># symbolic links and aliases may be used to point to other locations.<br />#<br />DocumentRoot /var/www<br /><br />#<br /># Each directory to which Apache has access, can be configured with respect<br /># to which services and features are allowed and/or disabled in that<br /># directory (and its subdirectories). <br />#<br /># First, we configure the &quot;default&quot; to be a very restrictive set of <br /># permissions.  <br />#<br />&lt;Directory /&gt;<br />    Options SymLinksIfOwnerMatch<br />    AllowOverride None<br />&lt;/Directory&gt;<br /><br />#<br /># Note that from this point forward you must specifically allow<br /># particular features to be enabled - so if something&#039;s not working as<br /># you might expect, make sure that you have specifically enabled it<br /># below.<br />#<br /><br />#<br /># This should be changed to whatever you set DocumentRoot to.<br />#<br />&lt;Directory /var/www/&gt;<br /><br />#<br /># This may also be &quot;None&quot;, &quot;All&quot;, or any combination of &quot;Indexes&quot;,<br /># &quot;Includes&quot;, &quot;FollowSymLinks&quot;, &quot;ExecCGI&quot;, or &quot;MultiViews&quot;.<br />#<br /># Note that &quot;MultiViews&quot; must be named *explicitly* --- &quot;Options All&quot;<br /># doesn&#039;t give it to you.<br />#<br />    Options Indexes Includes FollowSymLinks MultiViews<br /><br />#<br /># This controls which options the .htaccess files in directories can<br /># override. Can also be &quot;All&quot;, or any combination of &quot;Options&quot;, &quot;FileInfo&quot;, <br /># &quot;AuthConfig&quot;, and &quot;Limit&quot;<br />#<br />    AllowOverride None<br /><br />#<br /># Controls who can get stuff from this server.<br />#<br />    Order allow,deny<br />    Allow from all<br />&lt;/Directory&gt;<br /><br />#<br /># UserDir: The name of the directory which is appended onto a user&#039;s home<br /># directory if a ~user request is received.<br />#<br />&lt;IfModule mod_userdir.c&gt;<br />    UserDir public_html<br />#<br /># Control access to UserDir directories.  The following is an example<br /># for a site where these directories are restricted to read-only.<br />#<br />    &lt;Directory /home/*/public_html&gt;<br />        AllowOverride FileInfo AuthConfig Limit<br />        Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec<br />        &lt;Limit GET POST OPTIONS PROPFIND&gt;<br />            Order allow,deny<br />            Allow from all<br />        &lt;/Limit&gt;<br />        &lt;Limit PUT DELETE PATCH PROPPATCH MKCOL COPY MOVE LOCK UNLOCK&gt;<br />            Order deny,allow<br />            Deny from all<br />        &lt;/Limit&gt;<br />    &lt;/Directory&gt;<br />&lt;/IfModule&gt;<br /><br />#<br /># DirectoryIndex: Name of the file or files to use as a pre-written HTML<br /># directory index.  Separate multiple entries with spaces.<br />#<br />&lt;IfModule mod_dir.c&gt;<br />    DirectoryIndex index.php index.html index.htm index.shtml index.cgi<br />&lt;/IfModule&gt;<br /><br />#<br /># AccessFileName: The name of the file to look for in each directory<br /># for access control information.<br />#<br />AccessFileName .htaccess<br /><br />#<br /># The following lines prevent .htaccess files from being viewed by<br /># Web clients.  Since .htaccess files often contain authorization<br /># information, access is disallowed for security reasons.  Comment<br /># these lines out if you want Web visitors to see the contents of<br /># .htaccess files.  If you change the AccessFileName directive above,<br /># be sure to make the corresponding changes here.<br />#<br /># Also, folks tend to use names such as .htpasswd for password<br /># files, so this will protect those as well.<br />#<br />&lt;Files ~ &quot;^\.ht&quot;&gt;<br />    Order allow,deny<br />    Deny from all<br />&lt;/Files&gt;<br /><br />#<br /># CacheNegotiatedDocs: By default, Apache sends &quot;Pragma: no-cache&quot; with each<br /># document that was negotiated on the basis of content. This asks proxy<br /># servers not to cache the document. Uncommenting the following line disables<br /># this behavior, and proxies will be allowed to cache the documents.<br />#<br />#CacheNegotiatedDocs<br /><br />#<br /># UseCanonicalName:  (new for 1.3)  With this setting turned on, whenever<br /># Apache needs to construct a self-referencing URL (a URL that refers back<br /># to the server the response is coming from) it will use ServerName and<br /># Port to form a &quot;canonical&quot; name.  With this setting off, Apache will<br /># use the hostname:port that the client supplied, when possible.  This<br /># also affects SERVER_NAME and SERVER_PORT in CGI scripts.<br />#<br />UseCanonicalName Off<br /><br />#<br /># TypesConfig describes where the mime.types file (or equivalent) is<br /># to be found.<br />#<br />TypesConfig /etc/mime.types<br /><br />#<br /># DefaultType is the default MIME type the server will use for a document<br /># if it cannot otherwise determine one, such as from filename extensions.<br /># If your server contains mostly text or HTML documents, &quot;text/plain&quot; is<br /># a good value.  If most of your content is binary, such as applications<br /># or images, you may want to use &quot;application/octet-stream&quot; instead to<br /># keep browsers from trying to display binary files as though they are<br /># text.<br />#<br />DefaultType text/plain<br /><br />#<br /># The mod_mime_magic module allows the server to use various hints from the<br /># contents of the file itself to determine its type.  The MIMEMagicFile<br /># directive tells the module where the hint definitions are located.<br /># mod_mime_magic is not part of the default server (you have to add<br /># it yourself with a LoadModule [see the DSO paragraph in the &#039;Global<br /># Environment&#039; section], or recompile the server and include mod_mime_magic<br /># as part of the configuration), so it&#039;s enclosed in an &lt;IfModule&gt; container.<br /># This means that the MIMEMagicFile directive will only be processed if the<br /># module is part of the server.<br />#<br />&lt;IfModule mod_mime_magic.c&gt;<br />    MIMEMagicFile /usr/share/misc/file/magic.mime<br />&lt;/IfModule&gt;<br /><br />#<br /># HostnameLookups: Log the names of clients or just their IP addresses<br /># e.g., www.apache.org (on) or 204.62.129.132 (off).<br /># The default is off because it&#039;d be overall better for the net if people<br /># had to knowingly turn this feature on, since enabling it means that<br /># each client request will result in AT LEAST one lookup request to the<br /># nameserver.<br />#<br />HostnameLookups Off<br /><br /># Note that Log files are now rotated by logrotate, not by apache itself.<br /># This means that apache no longer attempts to magically determine<br /># where your log files are kept; you have to fill out stanzas in<br /># /etc/logrotate.d/apache yourself.<br /><br />#<br /># ErrorLog: The location of the error log file.<br /># If you do not specify an ErrorLog directive within a &lt;VirtualHost&gt;<br /># container, error messages relating to that virtual host will be<br /># logged here.  If you *do* define an error logfile for a &lt;VirtualHost&gt;<br /># container, that host&#039;s errors will be logged there and not here.<br />#<br />ErrorLog /var/log/apache/error.log<br /><br />#<br /># LogLevel: Control the number of messages logged to the error_log.<br /># Possible values include: debug, info, notice, warn, error, crit,<br /># alert, emerg.<br />#<br />LogLevel warn<br /><br />#<br /># The following directives define some format nicknames for use with<br /># a CustomLog directive (see below).<br />#<br />LogFormat &quot;%h %l %u %t \&quot;%r\&quot; %&gt;s %b \&quot;%{Referer}i\&quot; \&quot;%{User-Agent}i\&quot; \&quot;%{forensic-id}n\&quot; %T %v&quot; full<br />LogFormat &quot;%h %l %u %t \&quot;%r\&quot; %&gt;s %b \&quot;%{Referer}i\&quot; \&quot;%{User-Agent}i\&quot; \&quot;%{forensic-id}n\&quot; %P %T&quot; debug<br />LogFormat &quot;%h %l %u %t \&quot;%r\&quot; %&gt;s %b \&quot;%{Referer}i\&quot; \&quot;%{User-Agent}i\&quot; \&quot;%{forensic-id}n\&quot;&quot; combined<br />LogFormat &quot;%h %l %u %t \&quot;%r\&quot; %&gt;s %b \&quot;%{forensic-id}n\&quot;&quot; forensic<br />LogFormat &quot;%h %l %u %t \&quot;%r\&quot; %&gt;s %b&quot; common<br />LogFormat &quot;%{Referer}i -&gt; %U&quot; referer<br />LogFormat &quot;%{User-agent}i&quot; agent<br /><br />#<br /># The location and format of the access logfile (Common Logfile Format).<br /># If you do not define any access logfiles within a &lt;VirtualHost&gt;<br /># container, they will be logged here.  Contrariwise, if you *do*<br /># define per-&lt;VirtualHost&gt; access logfiles, transactions will be<br /># logged therein and *not* in this file.<br />#<br />#CustomLog /var/log/apache/access.log common<br /><br />#<br /># If you would like to have agent and referer logfiles, uncomment the<br /># following directives.<br />#<br />#CustomLog /var/log/apache/referer.log referer<br />#CustomLog /var/log/apache/agent.log agent<br /><br />#<br /># If you prefer a single logfile with access, agent, referer and forensic<br /># information (Combined Logfile Format) you can use the following directive.<br />#<br />CustomLog /var/log/apache/access.log combined<br /><br />&lt;IfModule mod_log_forensic.c&gt;<br /> ForensicLog /var/log/apache/forensic.log<br />&lt;/IfModule&gt;<br /><br />#<br /># Debugging information. With apache 1.3.31 two new debugging modules have been<br /># introduced to facilitate this task: mod_backtrace and mod_whatkilledus.<br /># They must NOT be used in production environment if not for debugging!<br /># You must know what you are doing before enabling the modules and<br /># uncommenting the following lines.<br />#<br />&lt;IfModule mod_backtrace.c&gt;<br /> EnableExceptionHook On<br /> #<br /> # Backtrace logs are written to error.log but optionally they can be<br /> # redirected to a different file.<br /> #<br /> # BacktraceLog /var/log/apache/backtrace.log<br /> #<br />&lt;/IfModule&gt;<br /><br />&lt;IfModule mod_whatkilledus.c&gt;<br /> EnableExceptionHook On<br /> #<br /> # Whatkilledus logs are written to error.log but optionally they can be<br /> # redirected to a different file.<br /> #<br /> # WhatKilledUsLog /var/log/apache/whatkilledus.log<br /> #<br />&lt;/IfModule&gt;<br /><br />#<br /># Optionally add a line containing the server version and virtual host<br /># name to server-generated pages (error documents, FTP directory listings,<br /># mod_status and mod_info output etc., but not CGI generated documents).<br /># Set to &quot;EMail&quot; to also include a mailto: link to the ServerAdmin.<br /># Set to one of:  On | Off | EMail<br />#<br />ServerSignature On<br /><br />#<br /># This directive controls whether Server response header field which is<br /># sent back to clients includes a description of the generic OS-type of<br /># the server as well as information about compiled-in modules.<br /># Set to one of: Prod[uctOnly] | Min[imal] | OS | Full<br /># If the directive is not specified the default is set to Full.<br />#<br />#ServerTokens Full<br /><br />#<br /># Aliases: Add here as many aliases as you need (with no limit). The format is <br /># Alias fakename realname<br />#<br /># Note that if you include a trailing / on fakename then the server will<br /># require it to be present in the URL.  So &quot;/icons&quot; isn&#039;t aliased in this<br /># example, only &quot;/icons/&quot;..<br />#<br /><br />&lt;IfModule mod_alias.c&gt;<br />    Alias /icons/ /usr/share/apache/icons/<br /><br />    &lt;Directory /usr/share/apache/icons&gt;<br />         Options Indexes MultiViews<br />         AllowOverride None<br />         Order allow,deny<br />         Allow from all<br />    &lt;/Directory&gt;<br /><br />    Alias /images/ /usr/share/images/<br /><br />    &lt;Directory /usr/share/images&gt;<br />         Options MultiViews<br />         AllowOverride None<br />         Order allow,deny<br />         Allow from all<br />    &lt;/Directory&gt;<br />&lt;/IfModule&gt;<br /><br />#<br /># ScriptAlias: This controls which directories contain server scripts.<br /># ScriptAliases are essentially the same as Aliases, except that<br /># documents in the realname directory are treated as applications and<br /># run by the server when requested rather than as documents sent to the client.<br /># The same rules about trailing &quot;/&quot; apply to ScriptAlias directives as to<br /># Alias.<br />#<br />&lt;IfModule mod_alias.c&gt;<br />    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/<br /><br />#<br /># &quot;/usr/lib/cgi-bin&quot; could be changed to whatever your ScriptAliased<br /># CGI directory exists, if you have that configured.<br />#<br />    &lt;Directory /usr/lib/cgi-bin/&gt;<br />        AllowOverride None<br />        Options ExecCGI -MultiViews +SymLinksIfOwnerMatch<br />        Order allow,deny<br />        Allow from all<br />    &lt;/Directory&gt;<br />&lt;/IfModule&gt;<br /><br />#<br /># Redirect allows you to tell clients about documents which used to exist in<br /># your server&#039;s namespace, but do not anymore. This allows you to tell the<br /># clients where to look for the relocated document.<br /># Format: Redirect old-URI new-URL<br />#<br /><br />#<br /># Directives controlling the display of server-generated directory listings.<br />#<br /><br />&lt;IfModule mod_autoindex.c&gt;<br /><br />    #<br />    # FancyIndexing: whether you want fancy directory indexing or standard<br />    #<br />    IndexOptions FancyIndexing NameWidth=*<br /><br />    #<br />    # AddIcon* directives tell the server which icon to show for different<br />    # files or filename extensions.  These are only displayed for<br />    # FancyIndexed directories.<br />    #<br />    AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip<br /><br />    AddIconByType (TXT,/icons/text.gif) text/*<br />    AddIconByType (IMG,/icons/image2.gif) image/*<br />    AddIconByType (SND,/icons/sound2.gif) audio/*<br />    AddIconByType (VID,/icons/movie.gif) video/*<br /><br />    AddIcon /icons/binary.gif .bin .exe<br />    AddIcon /icons/binhex.gif .hqx<br />    AddIcon /icons/tar.gif .tar<br />    AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv<br />    AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip<br />    AddIcon /icons/a.gif .ps .ai .eps<br />    AddIcon /icons/layout.gif .html .shtml .htm .pdf<br />    AddIcon /icons/text.gif .txt<br />    AddIcon /icons/c.gif .c<br />    AddIcon /icons/p.gif .pl .py<br />    AddIcon /icons/f.gif .for<br />    AddIcon /icons/dvi.gif .dvi<br />    AddIcon /icons/uuencoded.gif .uu<br />    AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl<br />    AddIcon /icons/tex.gif .tex<br />    AddIcon /icons/bomb.gif core<br />    AddIcon /icons/deb.gif .deb<br /><br />    AddIcon /icons/back.gif ..<br />    AddIcon /icons/hand.right.gif README<br />    AddIcon /icons/folder.gif ^^DIRECTORY^^<br />    AddIcon /icons/blank.gif ^^BLANKICON^^<br /><br />    #<br />    # DefaultIcon: which icon to show for files which do not have an icon<br />    # explicitly set.<br />    #<br />    DefaultIcon /icons/unknown.gif<br /><br />    #<br />    # AddDescription: allows you to place a short description after a file in<br />    # server-generated indexes.  These are only displayed for FancyIndexed<br />    # directories.<br />    # Format: AddDescription &quot;description&quot; filename<br />    #<br />    #AddDescription &quot;GZIP compressed document&quot; .gz<br />    #AddDescription &quot;tar archive&quot; .tar<br />    #AddDescription &quot;GZIP compressed tar archive&quot; .tgz<br /><br />    #<br />    # ReadmeName: the name of the README file the server will look for by<br />    # default, and append to directory listings.<br />    #<br />    # HeaderName: the name of a file which should be prepended to<br />    # directory indexes. <br />    #<br />    # The module recognize only 2 kind of mime-types, text/html and<br />    # text/*, but the only method it has to identify them is via<br />    # the filename extension. The default is to include and display<br />    # html files.<br />    #<br />    ReadmeName README.html<br />    HeaderName HEADER.html<br /><br />    # Otherwise you can comment the 2 lines above and uncomment<br />    # the 2 below in order to display plain text files.<br />    #<br />    # ReadmeName README.txt<br />    # HeaderName HEADER.txt<br /><br />    #<br />    # IndexIgnore: a set of filenames which directory indexing should ignore<br />    # and not include in the listing.  Shell-style wildcarding is permitted.<br />    #<br />    IndexIgnore .??* *~ *# HEADER.html HEADER.txt RCS CVS *,v *,t<br /><br />    # Uncomment the following IndexIgnore line to add README.* to the file<br />    # list that will not be displayed by mod_autoindex.<br />    # It is not enabled by default on Debian system to permit users to properly<br />    # browse Debian documentation (/doc/)<br />    #<br />    #IndexIgnore README.*<br /><br />&lt;/IfModule&gt;<br /><br />#<br /># Document types.<br />#<br />&lt;IfModule mod_mime.c&gt;<br /><br />    # AddEncoding allows you to have certain browsers (Mosaic/X 2.1+)<br />    # uncompress information on the fly. Note: Not all browsers support<br />    # this.  Despite the name similarity, the following Add* directives<br />    # have nothing to do with the FancyIndexing customization<br />    # directives above.<br /><br />    AddEncoding x-compress Z<br />    AddEncoding x-gzip gz tgz<br /><br />    #<br />    # AddLanguage: allows you to specify the language of a document. You can<br />    # then use content negotiation to give a browser a file in a language<br />    # it can understand.<br />    #<br />    # Note 1: The suffix does not have to be the same as the language<br />    # keyword --- those with documents in Polish (whose net-standard<br />    # language code is pl) may wish to use &quot;AddLanguage pl .po&quot; to<br />    # avoid the ambiguity with the common suffix for perl scripts.<br />    #<br />    # Note 2: The example entries below illustrate that in quite<br />    # some cases the two character &#039;Language&#039; abbriviation is not<br />    # identical to the two character &#039;Country&#039; code for its country,<br />    # E.g. &#039;Danmark/dk&#039; versus &#039;Danish/da&#039;.<br />    #<br />    # Note 3: There is &#039;work in progress&#039; to fix this and get<br />    # the reference data for rfc3066 cleaned up.<br />    #<br />    # Danish (da) - Dutch (nl) - English (en) - Estonian (ee)<br />    # French (fr) - German (de) - Greek-Modern (el)<br />    # Italian (it) - Portugese (pt) - Luxembourgeois (lb)<br />    # Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cs)<br />    # Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja)<br />    #<br />    AddLanguage da .dk<br />    AddLanguage nl .nl<br />    AddLanguage en .en<br />    AddLanguage et .ee<br />    AddLanguage fr .fr<br />    AddLanguage de .de<br />    AddLanguage el .el<br />    AddLanguage it .it<br />    AddLanguage ja .ja<br />    AddCharset ISO-2022-JP .jis<br />    AddLanguage pl .po<br />    AddCharset ISO-8859-2 .iso-pl<br />    AddLanguage pt .pt<br />    AddLanguage pt-br .pt-br<br />    AddLanguage lb .lu<br />    AddLanguage ca .ca<br />    AddLanguage es .es<br />    AddLanguage sv .se<br />    AddLanguage cs .cz<br /><br />    # LanguagePriority: allows you to give precedence to some languages<br />    # in case of a tie during content negotiation.<br />    #<br />    # Just list the languages in decreasing order of preference. We have<br />    # more or less alphabetized them here. You probably want to change<br />    # this.<br />    #<br />    &lt;IfModule mod_negotiation.c&gt;<br />        LanguagePriority en da nl et fr de el it ja pl pt pt-br lb ca es sv<br />    &lt;/IfModule&gt;<br /><br />    #<br />    # AddType allows you to tweak mime.types without actually editing<br />    # it, or to make certain files to be certain types.<br />    #<br />    # For example, the PHP 3.x module (not part of the Apache<br />    # distribution - see http://www.php.net) will typically use:<br />    #<br />    #AddType application/x-httpd-php3 .php3<br />    #AddType application/x-httpd-php3-source .phps<br />    #<br />    # And for PHP 4.x, use:<br />    #<br />    AddType application/x-httpd-php .php<br />    AddType application/x-httpd-php-source .phps<br /><br />    AddType application/x-tar .tgz<br />    AddType image/bmp .bmp<br /><br />    # hdml<br />    AddType text/x-hdml .hdml<br /><br />    #<br />    # AddHandler allows you to map certain file extensions to &quot;handlers&quot;,<br />    # actions unrelated to filetype. These can be either built into<br />    # the server or added with the Action command (see below).<br />    #<br />    # If you want to use server side includes, or CGI outside<br />    # ScriptAliased directories, uncomment the following lines.<br />    #<br />    # To use CGI scripts:<br />    #<br />    #AddHandler cgi-script .cgi .sh .pl<br /><br />    #<br />    # To use server-parsed HTML files mod_include has to be enabled.<br />    #<br />    &lt;IfModule mod_include.c&gt;<br />     AddType text/html .shtml<br />     AddHandler server-parsed .shtml<br />    &lt;/IfModule&gt;<br /><br />    #<br />    # Uncomment the following line to enable Apache&#039;s send-asis HTTP<br />    # file feature.<br />    #<br />    #AddHandler send-as-is asis<br /><br />    #<br />    # If you wish to use server-parsed imagemap files, use<br />    #<br />    #AddHandler imap-file map<br /><br />    #<br />    # To enable type maps, you might want to use<br />    #<br />    #AddHandler type-map var<br /><br />&lt;/IfModule&gt;<br /># End of document types.<br /><br /># Default charset to iso-8859-1 (http://www.apache.org/info/css-security/).<br /><br />AddDefaultCharset on<br /><br />#<br /># Action: lets you define media types that will execute a script whenever<br /># a matching file is called. This eliminates the need for repeated URL<br /># pathnames for oft-used CGI file processors.<br /># Format: Action media/type /cgi-script/location<br /># Format: Action handler-name /cgi-script/location<br />#<br /><br />#<br /># MetaDir: specifies the name of the directory in which Apache can find<br /># meta information files. These files contain additional HTTP headers<br /># to include when sending the document<br />#<br />#MetaDir .web<br /><br />#<br /># MetaSuffix: specifies the file name suffix for the file containing the<br /># meta information.<br />#<br />#MetaSuffix .meta<br /><br />#<br /># Customizable error response (Apache style)<br />#  these come in three flavors<br />#<br />#    1) plain text<br />#ErrorDocument 500 &quot;The server made a boo boo.<br />#  n.b.  the (&quot;) marks it as text, it does not get output<br />#<br />#    2) local redirects<br />#ErrorDocument 404 /missing.html<br />#  to redirect to local URL /missing.html<br />#ErrorDocument 404 /cgi-bin/missing_handler.pl<br />#  N.B.: You can redirect to a script or a document using server-side-includes.<br />#<br />#    3) external redirects<br />#ErrorDocument 402 http://some.other_server.com/subscription_info.html<br />#  N.B.: Many of the environment variables associated with the original<br />#  request will *not* be available to such a script.<br /><br />&lt;IfModule mod_setenvif.c&gt;<br />    #<br />    # The following directives modify normal HTTP response behavior.<br />    # The first directive disables keepalive for Netscape 2.x and browsers that<br />    # spoof it. There are known problems with these browser implementations.<br />    # The second directive is for Microsoft Internet Explorer 4.0b2<br />    # which has a broken HTTP/1.1 implementation and does not properly<br />    # support keepalive when it is used on 301 or 302 (redirect) responses.<br />    #<br />    BrowserMatch &quot;Mozilla/2&quot; nokeepalive<br />    BrowserMatch &quot;MSIE 4\.0b2;&quot; nokeepalive downgrade-1.0 force-response-1.0<br /><br />    #<br />    # The following directive disables HTTP/1.1 responses to browsers which<br />    # are in violation of the HTTP/1.0 spec by not being able to grok a<br />    # basic 1.1 response.<br />    #<br />    BrowserMatch &quot;RealPlayer 4\.0&quot; force-response-1.0<br />    BrowserMatch &quot;Java/1\.0&quot; force-response-1.0<br />    BrowserMatch &quot;JDK/1\.0&quot; force-response-1.0<br />&lt;/IfModule&gt;<br /><br /><br /># If the perl module is installed, this will be enabled.<br />&lt;IfModule mod_perl.c&gt;<br />  &lt;IfModule mod_alias.c&gt;<br />   Alias /perl/ /var/www/perl/<br />  &lt;/IfModule&gt;<br />  &lt;Location /perl&gt;<br />    SetHandler perl-script<br />    PerlHandler Apache::Registry<br />    Options +ExecCGI<br />  &lt;/Location&gt;<br />&lt;/IfModule&gt;<br /><br />#<br /># Allow http put (such as Netscape Gold&#039;s publish feature)<br /># Use htpasswd to generate /etc/apache/passwd.<br /># You must unremark these two lines at the top of this file as well:<br />#LoadModule put_module              modules/mod_put.so<br />#AddModule mod_put.c<br />#<br />#&lt;IfModule mod_alias.c&gt;<br /># Alias /upload /tmp<br />#&lt;/IfModule&gt;<br />#&lt;Location /upload&gt;<br />#    EnablePut On<br />#    AuthType Basic<br />#    AuthName Temporary<br />#    AuthUserFile /etc/apache/passwd<br />#    EnableDelete Off<br />#    umask 007<br />#    &lt;Limit PUT&gt;<br />#        require valid-user<br />#    &lt;/Limit&gt;<br />#&lt;/Location&gt;<br /><br />#<br /># Allow server status reports, with the URL of http://servername/server-status<br /># Change the &quot;.your_domain.com&quot; to match your domain to enable.<br />#<br />#&lt;Location /server-status&gt;<br />#    SetHandler server-status<br />#    Order deny,allow<br />#    Deny from all<br />#    Allow from .your_domain.com<br />#&lt;/Location&gt;<br /><br />#<br /># Allow remote server configuration reports, with the URL of<br />#  http://servername/server-info (requires that mod_info.c be loaded).<br /># Change the &quot;.your_domain.com&quot; to match your domain to enable.<br />#<br />#&lt;Location /server-info&gt;<br />#    SetHandler server-info<br />#    Order deny,allow<br />#    Deny from all<br />#    Allow from .your_domain.com<br />#&lt;/Location&gt;<br /><br /># Allow access to local system documentation from localhost.<br /># (Debian Policy assumes /usr/share/doc is &quot;/doc/&quot;, at least from the localhost.)<br />&lt;IfModule mod_alias.c&gt;<br /> Alias /doc/ /usr/share/doc/<br />&lt;/IfModule&gt;<br /><br />&lt;Location /doc&gt;<br />  order deny,allow<br />  deny from all<br />  allow from 127.0.0.0/255.0.0.0<br />  Options Indexes FollowSymLinks MultiViews<br />&lt;/Location&gt;<br /><br />#<br /># There have been reports of people trying to abuse an old bug from pre-1.1<br /># days.  This bug involved a CGI script distributed as a part of Apache.<br /># By uncommenting these lines you can redirect these attacks to a logging <br /># script on phf.apache.org.  Or, you can record them yourself, using the script<br /># support/phf_abuse_log.cgi.<br />#<br />#&lt;Location /cgi-bin/phf*&gt;<br />#    Deny from all<br />#    ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi<br />#&lt;/Location&gt;<br /><br />&lt;IfModule mod_proxy.c&gt;<br />    #<br />    # Proxy Server directives. Uncomment the following lines to<br />    # enable the proxy server:<br />    #<br />    #ProxyRequests On<br /><br />    #&lt;Directory proxy:*&gt;<br />    #    Order deny,allow<br />    #    Deny from all<br />    #    Allow from .your_domain.com<br />    #&lt;/Directory&gt;<br /><br /><br />    #<br />    # Enable/disable the handling of HTTP/1.1 &quot;Via:&quot; headers.<br />    # (&quot;Full&quot; adds the server version; &quot;Block&quot; removes all outgoing Via: headers)<br />    # Set to one of: Off | On | Full | Block<br />    #<br />    #ProxyVia On<br /><br />    #<br />    # To enable the cache as well, edit and uncomment the following lines:<br />    # (no cacheing without CacheRoot)<br />    #<br />    #CacheRoot &quot;/var/cache/apache&quot;<br />    #CacheSize 5<br />    #CacheGcInterval 4<br />    #CacheMaxExpire 24<br />    #CacheLastModifiedFactor 0.1<br />    #CacheDefaultExpire 1<br />    #NoCache a_domain.com another_domain.edu joes.garage_sale.com<br /><br />&lt;/IfModule&gt;<br /># End of proxy directives.<br /><br />### Section 3: Virtual Hosts<br />#<br /># VirtualHost: If you want to maintain multiple domains/hostnames on your<br /># machine you can setup VirtualHost containers for them.<br /># Please see the documentation at &lt;URL:http://www.apache.org/docs/vhosts/&gt;<br /># for further details before you try to setup virtual hosts.<br /># You may use the command line option &#039;-S&#039; to verify your virtual host<br /># configuration.<br /><br />#<br /># If you want to use name-based virtual hosts you need to define at<br /># least one IP address (and port number) for them.<br />#<br />#NameVirtualHost 12.34.56.78:80<br />#NameVirtualHost 12.34.56.78<br /><br />#<br /># VirtualHost example:<br /># Almost any Apache directive may go into a VirtualHost container.<br />#<br />#&lt;VirtualHost ip.address.of.host.some_domain.com&gt;<br />#    ServerAdmin webmaster@host.some_domain.com<br />#    DocumentRoot /www/docs/host.some_domain.com<br />#    ServerName host.some_domain.com<br />#    ErrorLog logs/host.some_domain.com-error.log<br />#    CustomLog logs/host.some_domain.com-access.log common<br />#&lt;/VirtualHost&gt;<br /><br />#&lt;VirtualHost _default_:*&gt;<br />#&lt;/VirtualHost&gt;<br /><br /># Automatically added by the post-installation script<br /># as part of the transition to a config directory layout<br /># similar to apache2, and that will help users to migrate<br /># from apache to apache2 or revert back easily<br />Include /etc/apache/conf.d<br /><br />

Ritratto di lucadj
lucadj
(Geek)
Offline
Geek
Iscritto: 24/03/2005
Messaggi: 66

Quote:

robarm ha scritto:
fatto, ma niente da fare.
sotto /var/www ho solo la cartella images e index.php
sotto la cartella images la mia immagine.
tutti i file e le cartelle hanno chmod 770 proprietario www-data gruppo www-data.
però non mi funziona. Sad

/var/www

e non hai html???

mmmmmh mah!!

e la cartella www che permessi e proprietari ha???

devi mettere le altre cartelle con i medesimi proprietari!! e permessi!!!

EDIT:
La cartella /var/www
Dovrebbe contenere le seguenti sotto cartelle:
cgi-bin
error
html
icons

tutte le cartelle sono normalemente di root e hanno i permessi rwxr-xr-x
tanto per capirci!!!

Il termine Hacker
Gli hacker sono delle persone dedicate all'elevato ideale di rendere la tecnologia accessibile a tutti, persone dedite al culto della bellezza e decise ad aiutare gli altri grazie alla potenza tecnologica.
www.lucaporcu.com

Ritratto di blackgrizzly
blackgrizzly
(Geek)
Offline
Geek
Iscritto: 16/05/2005
Messaggi: 117

Quote:

/var/www
e non hai html???
mmmmmh mah!!

è giusto:
DocumentRoot /var/www

***********************************
Registered User Linux 277234
***********************************

...."Have you mooed today?"...

Ritratto di blackgrizzly
blackgrizzly
(Geek)
Offline
Geek
Iscritto: 16/05/2005
Messaggi: 117

Visto che images è un alias:

Alias /images/ /usr/share/images/

prova a chiamare la directory in un altro modo...

***********************************
Registered User Linux 277234
***********************************

...."Have you mooed today?"...

Ritratto di robarm
robarm
(Junior)
Offline
Junior
Iscritto: 05/06/2005
Messaggi: 36

GRANDE !!!
MITTTTIICOO !!!!
funziona !!! Laughing Laughing
ti offro una birra :pint:

ho rinominato la directory images in imgs e adesso funziona perfetamente Laughing