Changing Apache's default page to PHP_问答_开发者

开发者 https://www.devze.com 2023-03-31 06:42 出处：网络

I am looking to change apaches default page for when there are no indexes and getting a 500 error.My server is Linux Red Hat with clients setup using Kloxo and /etc/httpd/conf.d/welcome.conf I am tryi

相关专题：redhat

I am looking to change apaches default page for when there are no indexes and getting a 500 error. My server is Linux Red Hat with clients setup using Kloxo and /etc/httpd/conf.d/welcome.conf I am trying to change:

<LocationMatch "^/+$">
    Options -Indexes
    ErrorDocument 403 /error/noindex.html
</LocationMatch>

<LocationMatch "^/+$">
    Options -Indexes
    ErrorDocument 403 /error/noindex.php
</LocationMatch>

Which after httpd restart it gives a 500 error. I assume it has to do with PHP permissions as the file is uploaded as root and the user is specific to an account.

The noindex.html file works fine and is set as root as well.

I know an alternative is to use a skeleton directory, but I don't want to go that route.

Does anyone have any ideas how I would accomplish this?

Thanks.

EDIT:

Error I get in suPHP: UID of script "/var/www/error/noindex.php" is smaller than min_uid

If I change permissions to 777, I get the 500 error page, with only this message in logs: File "/var/www/error/noindex.php" is writeable by others

EDIT 2:

Make the file 400 or 660 and user ID 501 (lxlabs), I now get the error:

Mismatch between target UID (1060) and UID (501) of file "/var/www/error/noindex.php"

I believe lxlabs is supposed to be a regular user, but might not have permission开发者_如何转开发s to that directory. I am not sure how to target the /home/kloxo/httpd/error/noindex.php as the welcome.conf file seems to start in the /var/www directory.

EDIT 3:

This may help as well. I was able to set the suPHP details in the Virtualhost declarating. Like:

<Virtualhost 123.456.78.90:8888>
SSLEngine On 
SSLCertificateFile /home/kloxo/httpd/ssl/eth0___localhost.crt
SSLCertificateKeyFile /home/kloxo/httpd/ssl/eth0___localhost.key
SSLCACertificatefile /home/kloxo/httpd/ssl/eth0___localhost.ca

DocumentRoot   /home/kloxo/httpd/webmail/
<Ifmodule mod_suphp.c>
SuPhp_UserGroup lxlabs lxlabs
</Ifmodule>
</Virtualhost>

Perhaps I can do something similar in the welcome.conf file?

The solution is to change the owner and permissions of the script. The user must be a normal user. The permissions must be 660 (rw for user and group) or 400 (r for user only). Explanation follows.

You are using suPHP which is an Apache module that tries to secure PHP scripts by running them with restricted permissions. When a script is requested, suPHP switches to the owner of the script before executing it.

For obvious security reasons, suPHP forbids to run a script as root. So PHP scripts owned by root can't be reached through Apache. This is what the message UID of script is smaller than min_uid means. suPHP is indeed a bit more generic: it forbids all special users. Linux keeps the first user ids for the special users. Normal users have an ID above 500 or 1000 (depending on the distribution) while root usually has the ID 0.

suPHP, still for security reasons, refuses to run scripts that any user can modify. This is the meaning of the message File is writeable by others. This behavior can be switched of with the config parameter allow_file_others_writeable, but it doesn't make much sense to use a security-oriented module with an insecure configuration. After all, the main purpose of suPHP is to separate the applications that have different file owners.

After lots of testing and researching, it doesn't appear to be possible to have a global file like this. The best work around is to put a file in the skeleton directory for each user.