Apache security

I have Apache2.2 running on C:\Apache.  I store all my web development work on W:\

Im currently developing a upload tool and on our companies server (IIS) everything works fine, even when i upload to ftp site for hosting.  But now ive just changed over to Apache2.2 on my laptop and now i get this error when trying to use my upload tool:

Forbidden
You don't have permission to access /xxx/htdocs/cms/< on this server.

Apache works fine for everything else and i have given full permissions on the W:\.  If i view the media folder where the image is meant to be uploaded to, the image is there, but yet i get the above message in my webpage...

My Apache knowledge is poor as im only new...

Hope somebody can help...
LVL 16
ellandrdAsked:
Who is Participating?
 
RoonaanCommented:
Have you tried to insecurely chmodded the /xxx/htdocs/cms folder to 0777. Also make sure that the image file doesn't exist already. In that case you should chmod that file also, or delete it.

-r-
0
 
ellandrdAuthor Commented:
im on a windows box - will chmod work?  not sure how to either?
0
 
ellandrdAuthor Commented:
where would you suggest i chmod my directory? before or after trying to upload?
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
RoonaanCommented:
Sorry, the way you described your path /xxx/htdocs/cms looked more unix than windows. So I thought the path might have the online one.

-r-
0
 
ellandrdAuthor Commented:
still not working.. i try to ste chmod after i detect if form was submitted... and i still get error message
0
 
ellandrdAuthor Commented:
i might actually just move apache to W:\... keeping everything together
0
 
aplimediaCommented:
This is a permission issue. You need to all IUSR_Machine name to the permission profile of this file.

Do you know how to do that?

Aplimedia
0
 
TeRReFCommented:
Try to add this to your Apache httpd.conf:

<Directory "/xxx/htdocs/cms">
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
0
 
ellandrdAuthor Commented:
TeRReF

I have added that - still getting error.

aplimedia

>>Do you know how to do that?

Im using apache now, not IIS so do i have a IUSER_ ?

0
 
aplimediaCommented:
Thats my point... IIS has windows family permissions, apache is not a member so does not!

The IUSR is a folder issue and nothing to do with Apache. Apache is trying to access it and is being told to go away bu Windows.

Aplimedia
0
 
ellandrdAuthor Commented:
I have also moved everything - Apache, MYSQL and PHP to W:\

so now my root is:

W:\Apache\htdocs

and my site live in:

W:\Apache\htdocs\site\
W:\Apache\htdocs\site\cms

still getting error...
0
 
ellandrdAuthor Commented:
Aplimedia

I have totally moved my web development work from an IIS server to an apache server.  I used to work from my companies ISS server, but ive just started a new project and i need to be able to work after hours at home.  I installed Apache and moved the site off the IIS server at my work to my laptop so i can work on it anywhere anytime.

The site works fine and so does apache except for this upload script...  If i upload the whole site to ftp to actually host it at: http://www.xxx.co.uk, everything works fine and if i move everything back to my works IIS server everything should work fine again...

It is driving me mad as i need to get this site up and running ASAP and im unable to get work done this weekend cause of it... ive just lost like the last 3 hours playing about with Apache trying to get my upload.php script to work on apache...

Like fair enough im still booking hours to the job but ive nothing to show for it...

so come guys - help me get this working!!

Ive go to off line now but i'll be back on in an 1hr and im hoping somebody has a solution....

Ellandrd
0
 
aplimediaCommented:
open windows explorer and browse to /xxx/htdocs/cms/ where cms is the rrol folder of your web site.

Right click on cms > Properties.

Then select 'Security Tab'

If there is no security tab, tell me as Widows by defualt (XP) hides this one, just to complicate life!



Click on 'Add' > Advanced > Search Now > 

From the list scroll down and click on ISUR_Your_Machine_Name

Click Accept > Accept (Again) > Check 'Total Control' > Apply > Accept.

The window now closes...

Now try your site again... and let me know.

Aplimedia
0
 
aplimediaCommented:
sorry typo... 'rrol folder' = root folder. (where cms is the ROOT folder of your web site)
Aplimedia
0
 
TeRReFCommented:
Look in your httpd.conf and find these lines:
User www
Group www
or similar.

That user you can use to set the proper permissions on the folder.
0
 
sleep_furiouslyCommented:
Is W:\ a network mounted drive?

You could try this:
-- Go to Services control panel
-- Right-click on Apache service and select Properties ...
-- Go to Log On tab
-- Set the account to run as to one that has network permissions on the mounted drive (for example, a domain account that has permissions on the remote filesystem)
0
 
ellandrdAuthor Commented:
i just found the issue - i was taking to a guy i work with over msn and i let me take control over my laptop using remote assisstant as his apache knowledge is better and he looked in my logs and found what was causing my issue... all fixed now

thanks guys!
0
 
TeRReFCommented:
Euh... what was it?
0
 
ellandrdAuthor Commented:
my logs shown that the url contained $ AND php dont allow that...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.