Saturday, June 13, 2020
Solve AH01276: Cannot serve directory No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive
I get the following error in error.logs:
[Sat Jun 13 13:20:28.420637 2020] [autoindex:error] [pid 23018] [client 44.224.22.196:40224] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive
To quickly solve it, make sure DocumentRoot points to a valid folder where index.php or index.html is found:
vi /etc/httpd/conf/httpd.conf
Replace:
DocumentRoot "/var/www/html"
With:
DocumentRoot "/var/www/html/easybiny/prod"
Friday, May 29, 2020
Deny Apache access by public IP - Fix error "script not found or unable to stat"
If you noticed following error in Apache error.log:
[Sat May 30 05:47:30.731862 2020] [php7:error] [pid 18581] [client 188.131.234.5 :2359] script '/var/www/html/easybiny/elrekt.php' not found or unable to stat
And corresponding Apache access.log:
188.131.234.5 - - [20/May/2020:05:47:30 +0000] "GET /elrekt.php HTTP/1.1" 404 415 0 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" "[XF -]" 52.203.153.105
You will be noticing that user/crawler is trying to access via your public server IP - 52.203.153.105
To prevent this, you need to add the following vhost to your httpd.conf file and reload apache configs:
<VirtualHost *:80>
ServerName 52.203.153.105
Redirect 403 /
ErrorDocument 403 "Access Denied"
DocumentRoot /var/www/html/easybiny
UseCanonicalName Off
UserDir disabled
</VirtualHost>
ServerName 52.203.153.105
Redirect 403 /
ErrorDocument 403 "Access Denied"
DocumentRoot /var/www/html/easybiny
UseCanonicalName Off
UserDir disabled
</VirtualHost>
You can now test with a simple curl:
curl 52.203.153.105/elrekt.php
Access Denied
Yes - you get 403 access denied and no more errors in logs.
Saturday, May 9, 2020
Solution for Dynamics Message: To group conditions, select two or more conditions or groups ...
When trying a Group OR, following message appears:
Simply make sure you select each condition that needs to be part of OR clause:
Once all selected, you can get the desired selection as per below:
Simply make sure you select each condition that needs to be part of OR clause:
Once all selected, you can get the desired selection as per below:
Saturday, April 25, 2020
Quick parse Apache httpd error log
[user@logs]# cat error_log | cut -d " " -f 11,13,14 | sort -n | uniq -c | sort -r
728 script not found
101 AH01276: serve directory
57 AH02811: not found
25 PHP Undefined
3 server does NOT
3 PHP session_start():
1 slotmem mod_heartmonitor
1 mpm (prefork.c) is
1 line: -D FOREGROUND'
1 () PHP/7.3.11 configured
---
So most often error message is "script not found". A concrete example of error that needs to be addressed is the below:
[client 173.212.201.253:34544] script '/var/www/html/sitedomain/prod/wp-login.php' not found or unable to stat, referer: http://sitedomain.com/wp-login.php
This is to be tackled in another article :)
728 script not found
101 AH01276: serve directory
57 AH02811: not found
25 PHP Undefined
3 server does NOT
3 PHP session_start():
1 slotmem mod_heartmonitor
1 mpm (prefork.c) is
1 line: -D FOREGROUND'
1 () PHP/7.3.11 configured
---
So most often error message is "script not found". A concrete example of error that needs to be addressed is the below:
[client 173.212.201.253:34544] script '/var/www/html/sitedomain/prod/wp-login.php' not found or unable to stat, referer: http://sitedomain.com/wp-login.php
This is to be tackled in another article :)
Tuesday, April 21, 2020
Fix PHP Notice: Undefined index: HTTP_HOST in php on line
It might be that $_SERVER['HTTP_HOST'] is undefined.
To check this, better to verify using isset before instantiating it:
$link .= "http://";
if (isset($_SERVER['HTTP_HOST'])) {
$link .= $_SERVER['HTTP_HOST'];
}
To check this, better to verify using isset before instantiating it:
$link .= "http://";
if (isset($_SERVER['HTTP_HOST'])) {
$link .= $_SERVER['HTTP_HOST'];
}
Saturday, April 18, 2020
Script to check when specific SSL website certificate is to expire
#!/bin/bash
expire=$(echo | openssl s_client -servername easybiny.com -connect easybiny.com:443 2>/dev/null | openssl x509 -noout -dates | awk 'BEGIN{FS="After="} {print $2}')
date_today=$(date -d "now" +%s)
date_expire=$(date -d "$expire" +%s)
result=$(( (date_expire - date_today) / 86400 ))-days
echo $result
Running the above will prodice the desired output:
[root@x.x.x.x monitoring]# ./check-easybiny-certificate.sh
75-days
expire=$(echo | openssl s_client -servername easybiny.com -connect easybiny.com:443 2>/dev/null | openssl x509 -noout -dates | awk 'BEGIN{FS="After="} {print $2}')
date_today=$(date -d "now" +%s)
date_expire=$(date -d "$expire" +%s)
result=$(( (date_expire - date_today) / 86400 ))-days
echo $result
Running the above will prodice the desired output:
[root@x.x.x.x monitoring]# ./check-easybiny-certificate.sh
75-days
SSL Certificate - Get expiration date from shell with openssl
Very simple, just run the following command:
[root@ip-172-31-39-55 monitoring]# echo | openssl s_client -servername www.easybiny.com -connect www.easybiny.com:443 2>/dev/null | openssl x509 -noout -dates
notBefore=Mar 28 13:43:20 2020 GMT
notAfter=Jun 26 13:43:20 2020 GMT
[root@ip-172-31-39-55 monitoring]# echo | openssl s_client -servername www.easybiny.com -connect www.easybiny.com:443 2>/dev/null | openssl x509 -noout -dates
notBefore=Mar 28 13:43:20 2020 GMT
notAfter=Jun 26 13:43:20 2020 GMT
Subscribe to:
Posts (Atom)