I have installed the mod_deflate on centos. In virtual host file I have added the following
SetOutputFilter DEFLATE
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.pdf$ no-gzip dont-vary
DeflateFilterNote Input input_info
DeflateFilterNote Output output_info
DeflateFilterNote Ratio ratio_info
LogFormat '"%r" %{output_info}n/%{input_info}n (%{ratio_info}n%%)' deflate
CustomLog /var/log/httpd/deflate_log deflate
its show the compression in log also but not showing improvement in pageloading time.
Please guide for the same.
if its still not working a possible reasone will be you have not included this
LoadModule deflate_module modules/mod_deflate.so
in apache
httpd.conf
Related
after upgrading to 9.5.17 i get in the reports the following security messages:
Server Response on static files:
www.mydomain.de/typo3temp/assets/43cd7f07.tmp/2500f854.html.wrong
unexpected content-type text/html
www.mydomain.de/typo3temp/assets/43cd7f07.tmp/2500f854.1.svg.wrong
unexpected content-type image/svg+xml
www.mydomain.de/typo3temp/assets/43cd7f07.tmp/2500f854.php.wrong
unexpected content PHP content
www.mydomain.de/typo3temp/assets/43cd7f07.tmp/2500f854.php.txt
unexpected content PHP content
what does this mean?
I inspected the folder /typo3temp/assets/ - there is no folder 43cd7f07.tmp
Thanks!
The error messages you are receiving are part of a security feature that has been integrated into recent TYPO3 v9.5.17 and v10.4.2 releases, see https://docs.typo3.org/c/typo3/cms-core/master/en-us/Changelog/9.5.x/Feature-91354-IntegrateServerResponseSecurityChecks.html
Basically it means that your current server system
is evaluating files like test.php.txt (.php not at the end of the filename) still as PHP content - this can cause a security vulnerability in case somebody manages to upload a similar file (which might be considered as text/plain file, but is actually executable PHP code)
potentially remote code execution
is serving files like test.html.wrong (.html not at the end of the filename) still as text/html which triggers the browser to execute HTML tags and potential dangerous <script> tags
potentially cross-site scripting
Call for action
In case this is a live and in production server, you should adjust your web server configuration.
The fix is to limit those web server mime-type mapping only to those files having e.g. .html at the very end, like shown in this example for the Apache HTTP web server
<FilesMatch ".+\.html?$">
AddType text/html .html .htm
</FilesMatch>
Find more details and explanation in the TYPO3 security guidelines for server admins at https://docs.typo3.org/m/typo3/reference-coreapi/10.4/en-us/Security/GuidelinesAdministrators/Index.html#file-extension-handling
Update May 17th, 2020
https://gist.github.com/ohader/11d737de95895f8ca16495a8b7001c45 contains examples how to adjust an .htaccess file in case settings cannot be changed on a (shared) hosting environment.
<IfModule mod_mime.c>
RemoveType .html .htm
<FilesMatch ".+\.html?$">
AddType text/html .html
AddType text/html .htm
</FilesMatch>
RemoveType .svg .svgz
<FilesMatch ".+\.svgz?$">
AddType image/svg+xml .svg
AddType image/svg+xml .svgz
</FilesMatch>
RemoveHandler .php
<FilesMatch ".+\.php$">
# IMPORTANT: `php-fcgid` is using in THIS example
# Most probably is different for each individual configuration
SetHandler php-fcgid
# SetHandler php-script
# SetHandler application/x-httpd-php
</FilesMatch>
</IfModule>
Current handler identifier php-fcgid was identified for the example above using a phpinfo(); and searching for $_SERVER[REDIRECT_HANDLER]:
$_SERVER['REDIRECT_HANDLER'] php-fcgid
For shared hosting it can be quite hard to find out the correct handler for php.
some specialty for 1&1 Ionos, might be even special to this particular shared hosting package:
shared hosting with php 7.3 (confirmed in phpinfo), but $_SERVER['REDIRECT_HANDLER'] gives "x-mapp-php5" (not sure why, could be that the hosting is running for many years and was upgraded to php 7 and they somehow alias it for whatever reason)
The working solution for me was:
<IfModule mod_mime.c>
RemoveType .html .htm
<FilesMatch ".+\.html?$">
AddType text/html .html
AddType text/html .htm
</FilesMatch>
RemoveType .svg .svgz
<FilesMatch ".+\.svgz?$">
AddType image/svg+xml .svg
AddType image/svg+xml .svgz
</FilesMatch>
RemoveHandler .php
RemoveType .php
<FilesMatch ".+\.php$">
AddType x-mapp-php5 .php
AddHandler x-mapp-php5 .php
</FilesMatch>
</IfModule>
I had to remove both the handler/type and add them again within the filesmatch.
Took me quite a while to get this working, hope this helps.
For host-europe $_SERVER['REDIRECT_HANDLER'] was empty, php7.4:
<IfModule mod_mime.c>
....
RemoveHandler .php
RemoveType .php
<FilesMatch ".+\.php$">
# only this handler seems to work
AddType application/x-httpd-php .php
AddHandler application/x-httpd-php .php
</FilesMatch>
</IfModule>
The following solution was recommended to me by the support team of ALL-INKL.COM.
I had to contact them, because the remove statements (RemoveHandler .php) did not work.
<FilesMatch "\.(php[0-9,x]*|phtml)\.">
SetHandler text/plain
</FilesMatch>
Thanks to the ALL-INKL.COM-Support-Team
Here is some Domainfactory speciality.
Mind the ForceType directive (set your specific PHP version there). If not used, its webserver would still use mimetype-sniffing.
To be used on the bottom of the newest .htaccess template (10.4, 9.5) which includes the strict handling for .svg[z]/.htm[l] already
# DomainFactory-special:
# 1) remove mimetype-sniffing anything for PHP
# 2) force PHP 7.3 mimetype on .php files
<IfModule mod_mime.c>
RemoveType .php
<FilesMatch ".+\.php$">
ForceType application/x-httpd-php73
</FilesMatch>
</IfModule>
This works for JWEILAND, WEBGO and PHP:
<IfModule mod_mime.c>
RemoveHandler .php
RemoveType .php
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
AddType application/x-httpd-php .php
AddHandler application/x-httpd-php .php
</FilesMatch>
</IfModule>
I try to compress my CSS and JS files, for that I set the compressionLevel in the Installtool to 9 for BE and FE. and I added following Typoscript to my setup.txt in my template:
config.compressCss = 1
config.compressJs = 1
config.concatenateCss = 1
config.concatenateJs = 1
plugin.tx_vhs.settings.asset {
fonts1 {
type = css
name = font1
path = https://fonts.googleapis.com/css?family=Istok+Web:400,700
standalone = 1
external = 1
}
styles {
type= css
name = main-style
path = EXT:my_template/Resources/Public/css/main.css
standalone = 1
}
}
Now some CSS files from extensions get compressed, but the one I add via vhs.asset does not get compressed at all.
Any idea why the compression does not work with the CSS (and JS) added via vhs.asset?
Although such an option exists in TYPO3 CMS, it is not a CMS job, but rather server's job (Apache, nginx, etc.).
So, if you have an nginx server, it can be done with following configuration (and, probably, it is already turned on in /etc/nginx/nginx.conf):
gzip on;
gzip_comp_level 6;
gzip_types text/plain text/html text/xml text/css text/javascript application/json application/xml application/xml+rss application/x-javascript;
For Apache you need a mod_deflate and following lines in your .htaccess:
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xml+rss
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
</IfModule>
Benefits:
separation of responsibilities: server serves the assets, while CMS provides them;
more types can be compressed, not just CSS and JS;
no matter how the assets are served - TS, VHS, just linked via link or style tags - they will be always compressed;
Size of compressed data will be same in both cases (sure, depends also on compression level set), because same libraries and algorithms are used.
Try this to include your css / js :
#-------------------------------------------------
# Distribution Configuration/TypoScript/setup.ts
#-------------------------------------------------
page = PAGE
page {
# CSS files to be included
includeCSS {
myTemplate = EXT:my_template/Resources/Public/Css/main.css
}
# JS to be included (mind how other JS is included)
# includeJSFooter is also very common
includeJS {
myTemplate = EXT:my_template/Resources/Public/JavaScript/script.js
}
}
(ps: you do have to include your static template in this case)
I just upgraded to MAMP PRO 3.1, and I can't access any sites through vhosts. I can still get to the default localhost page and localhost/phpMyAdmin. If I try to create a new hosts entry or use an existing one, I get an ERR_CONNECTION_REFUSED in Chrome. I can ping the host entry and get 127.0.0.1 back, but nothing works in the browser. There's also nothing in the logs. Any help would be appreciated!
EDIT
Here is the httpd.conf according to MAMP.
ServerRoot "/Applications/MAMP/Library"
<IfModule !mpm_netware.c>
PidFile logs/httpd.pid
</IfModule>
MAMP_IP_Port_iteration_begin_MAMP
Listen MAMP_IP_Port_MAMP
MAMP_IP_Port_iteration_end_MAMP
MAMP_authn_file_module_MAMPLoadModule authn_file_module modules/mod_authn_file.so
MAMP_authn_dbm_module_MAMPLoadModule authn_dbm_module modules/mod_authn_dbm.so
MAMP_authn_anon_module_MAMPLoadModule authn_anon_module modules/mod_authn_anon.so
MAMP_authn_dbd_module_MAMPLoadModule authn_dbd_module modules/mod_authn_dbd.so
MAMP_authn_default_module_MAMPLoadModule authn_default_module modules/mod_authn_default.so
MAMP_authz_host_module_MAMPLoadModule authz_host_module modules/mod_authz_host.so
MAMP_authz_groupfile_module_MAMPLoadModule authz_groupfile_module modules/mod_authz_groupfile.so
MAMP_authz_user_module_MAMPLoadModule authz_user_module modules/mod_authz_user.so
MAMP_authz_dbm_module_MAMPLoadModule authz_dbm_module modules/mod_authz_dbm.so
MAMP_authz_owner_module_MAMPLoadModule authz_owner_module modules/mod_authz_owner.so
MAMP_authz_default_module_MAMPLoadModule authz_default_module modules/mod_authz_default.so
MAMP_auth_basic_module_MAMPLoadModule auth_basic_module modules/mod_auth_basic.so
MAMP_auth_digest_module_MAMPLoadModule auth_digest_module modules/mod_auth_digest.so
MAMP_file_cache_module_MAMPLoadModule file_cache_module modules/mod_file_cache.so
MAMP_cache_module_MAMPLoadModule cache_module modules/mod_cache.so
MAMP_disk_cache_module_MAMPLoadModule disk_cache_module modules/mod_disk_cache.so
MAMP_mem_cache_module_MAMPLoadModule mem_cache_module modules/mod_mem_cache.so
MAMP_dbd_module_MAMPLoadModule dbd_module modules/mod_dbd.so
MAMP_bucketeer_module_MAMPLoadModule bucketeer_module modules/mod_bucketeer.so
MAMP_dumpio_module_MAMPLoadModule dumpio_module modules/mod_dumpio.so
MAMP_echo_module_MAMPLoadModule echo_module modules/mod_echo.so
MAMP_case_filter_module_MAMPLoadModule case_filter_module modules/mod_case_filter.so
MAMP_case_filter_in_module_MAMPLoadModule case_filter_in_module modules/mod_case_filter_in.so
MAMP_reqtimeout_module_MAMPLoadModule reqtimeout_module modules/mod_reqtimeout.so
MAMP_ext_filter_module_MAMPLoadModule ext_filter_module modules/mod_ext_filter.so
MAMP_include_module_MAMPLoadModule include_module modules/mod_include.so
MAMP_filter_module_MAMPLoadModule filter_module modules/mod_filter.so
MAMP_substitute_module_MAMPLoadModule substitute_module modules/mod_substitute.so
MAMP_charset_lite_module_MAMPLoadModule charset_lite_module modules/mod_charset_lite.so
MAMP_deflate_module_MAMPLoadModule deflate_module modules/mod_deflate.so
MAMP_log_config_module_MAMPLoadModule log_config_module modules/mod_log_config.so
MAMP_logio_module_MAMPLoadModule logio_module modules/mod_logio.so
MAMP_env_module_MAMPLoadModule env_module modules/mod_env.so
MAMP_mime_magic_module_MAMPLoadModule mime_magic_module modules/mod_mime_magic.so
MAMP_cern_meta_module_MAMPLoadModule cern_meta_module modules/mod_cern_meta.so
MAMP_expires_module_MAMPLoadModule expires_module modules/mod_expires.so
MAMP_headers_module_MAMPLoadModule headers_module modules/mod_headers.so
MAMP_ident_module_MAMPLoadModule ident_module modules/mod_ident.so
MAMP_usertrack_module_MAMPLoadModule usertrack_module modules/mod_usertrack.so
MAMP_unique_id_module_MAMPLoadModule unique_id_module modules/mod_unique_id.so
MAMP_setenvif_module_MAMPLoadModule setenvif_module modules/mod_setenvif.so
MAMP_version_module_MAMPLoadModule version_module modules/mod_version.so
MAMP_proxy_module_MAMPLoadModule proxy_module modules/mod_proxy.so
MAMP_proxy_connect_module_MAMPLoadModule proxy_connect_module modules/mod_proxy_connect.so
MAMP_proxy_ftp_module_MAMPLoadModule proxy_ftp_module modules/mod_proxy_ftp.so
MAMP_proxy_http_module_MAMPLoadModule proxy_http_module modules/mod_proxy_http.so
MAMP_proxy_scgi_module_MAMPLoadModule proxy_scgi_module modules/mod_proxy_scgi.so
MAMP_proxy_ajp_module_MAMPLoadModule proxy_ajp_module modules/mod_proxy_ajp.so
MAMP_proxy_balancer_module_MAMPLoadModule proxy_balancer_module modules/mod_proxy_balancer.so
MAMP_ssl_module_MAMPLoadModule ssl_module modules/mod_ssl.so
MAMP_mime_module_MAMPLoadModule mime_module modules/mod_mime.so
MAMP_dav_module_MAMPLoadModule dav_module modules/mod_dav.so
MAMP_status_module_MAMPLoadModule status_module modules/mod_status.so
MAMP_autoindex_module_MAMPLoadModule autoindex_module modules/mod_autoindex.so
MAMP_asis_module_MAMPLoadModule asis_module modules/mod_asis.so
MAMP_info_module_MAMPLoadModule info_module modules/mod_info.so
MAMP_cgi_module_MAMPLoadModule cgi_module modules/mod_cgi.so
MAMP_fastcgi_module_MAMPLoadModule fastcgi_module modules/mod_fastcgi.so
MAMP_cgid_module_MAMPLoadModule cgid_module modules/mod_cgid.so
MAMP_dav_fs_module_MAMPLoadModule dav_fs_module modules/mod_dav_fs.so
MAMP_vhost_alias_module_MAMPLoadModule vhost_alias_module modules/mod_vhost_alias.so
MAMP_negotiation_module_MAMPLoadModule negotiation_module modules/mod_negotiation.so
MAMP_dir_module_MAMPLoadModule dir_module modules/mod_dir.so
MAMP_imagemap_module_MAMPLoadModule imagemap_module modules/mod_imagemap.so
MAMP_actions_module_MAMPLoadModule actions_module modules/mod_actions.so
MAMP_speling_module_MAMPLoadModule speling_module modules/mod_speling.so
MAMP_userdir_module_MAMPLoadModule userdir_module modules/mod_userdir.so
MAMP_alias_module_MAMPLoadModule alias_module modules/mod_alias.so
MAMP_rewrite_module_MAMPLoadModule rewrite_module modules/mod_rewrite.so
MAMP_perl_module_MAMPLoadModule perl_module modules/mod_perl.so
MAMP_wsgi_module_MAMPLoadModule wsgi_module modules/mod_wsgi.so
MAMP_xsendfile_module_MAMPLoadModule xsendfile_module modules/mod_xsendfile.so
MAMP_php_module_MAMP
MAMP_php_ini_dir_MAMP
#
AddType application/x-httpd-php .php .phtml
# Security: Disable HTTP TRACE support
TraceEnable off
<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
User MAMP_User_MAMP
Group MAMP_Group_MAMP
</IfModule>
</IfModule>
# 'Main' server configuration
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#
#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. admin#your-domain.com
#
ServerAdmin you#example.com
#
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
#
ServerName MAMP_ServerName_MAMP
#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
# MAMP DOCUMENT_ROOT !! Don't remove this line !!
DocumentRoot "MAMP_DocumentRoot_MAMP"
#
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# features.
#
<Directory />
Options Includes
AllowOverride None
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
<IfModule xsendfile_module>
XSendFile on
</IfModule>
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "MAMP_DocumentRoot_MAMP">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options MAMP_DocumentRoot_Options_MAMP
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
<IfModule xsendfile_module>
XSendFilePath "MAMP_DocumentRoot_MAMP"
</IfModule>
</Directory>
#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
DirectoryIndex index.html index.php
<IfModule perl_module>
DirectoryIndex index.pl
</IfModule>
<IfModule wsgi_module>
DirectoryIndex index.wsgi index.py
</IfModule>
</IfModule>
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
<Files ~ "^\.DS_Store">
Order allow,deny
Deny from all
</Files>
#
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog "MAMP_ErrorLog_MAMP"
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel error
#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
#ServerTokens Full
ServerTokens Prod
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#
ServerSignature Off
<IfModule log_config_module>
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
#
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
#
#CustomLog "/Applications/MAMP/logs/apache_access.log" common
#
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#
#CustomLog "/Applications/MAMP/logs/apache_access.log" combined
</IfModule>
<IfModule alias_module>
#
# Redirect: Allows you to tell clients about documents that used to
# exist in your server's namespace, but do not anymore. The client
# will make a new request for the document at its new location.
# Example:
# Redirect permanent /foo http://www.example.com/bar
#
# Alias: Maps web paths into filesystem paths and is used to
# access content that does not live under the DocumentRoot.
# Example:
# Alias /webpath /full/filesystem/path
#
# If you include a trailing / on /webpath then the server will
# require it to be present in the URL. You will also likely
# need to provide a <Directory> section to allow access to
# the filesystem path.
#
# We include the /icons/ alias for FancyIndexed directory listings. If you
# do not use FancyIndexing, you may comment this out.
#
Alias /icons/ "/Applications/MAMP/Library/icons/"
<Directory "/Applications/MAMP/Library/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Alias /phpMyAdmin "/Library/Application Support/appsolute/MAMP PRO/phpMyAdmin"
Alias /phpmyadmin "/Library/Application Support/appsolute/MAMP PRO/phpMyAdmin"
<Directory "/Library/Application Support/appsolute/MAMP PRO/phpMyAdmin">
Options Indexes
AllowOverride None
Order deny,allow
Deny from all
Allow from localhost
Allow from 127.0.0.1
Allow from ::1
</Directory>
Alias /phpPgAdmin "/Library/Application Support/appsolute/MAMP PRO/phpPgAdmin"
Alias /phppgadmin "/Library/Application Support/appsolute/MAMP PRO/phpPgAdmin"
<Directory "/Library/Application Support/appsolute/MAMP PRO/phpPgAdmin">
Options Indexes
AllowOverride None
Order deny,allow
Deny from all
Allow from localhost
Allow from 127.0.0.1
Allow from ::1
</Directory>
Alias /phpLiteAdmin "/Applications/MAMP/bin/phpLiteAdmin"
Alias /phpliteadmin "/Applications/MAMP/bin/phpLiteAdmin"
<Directory "/Applications/MAMP/bin/phpLiteAdmin">
Options Indexes
AllowOverride None
Order deny,allow
Deny from all
Allow from localhost
Allow from 127.0.0.1
Allow from ::1
</Directory>
Alias /SQLiteManager "/Applications/MAMP/bin/SQLiteManager"
Alias /sqlitemanager "/Applications/MAMP/bin/SQLiteManager"
<Directory "/Applications/MAMP/bin/SQLiteManager">
Options Indexes
AllowOverride None
Order deny,allow
Deny from all
Allow from localhost
Allow from 127.0.0.1
Allow from ::1
</Directory>
Alias /MAMP "/Library/Application Support/appsolute/MAMP PRO/mamp"
<Directory "/Library/Application Support/appsolute/MAMP PRO/mamp">
Options Indexes
AllowOverride None
Order deny,allow
Deny from all
Allow from localhost
Allow from 127.0.0.1
Allow from ::1
</Directory>
Alias /MAMP/favicon.ico "/Applications/MAMP/bin/favicon.ico"
#
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
#
ScriptAlias /cgi-bin/ "/Applications/MAMP/cgi-bin/"
Alias /perl/ "/Applications/MAMP/cgi-bin/"
<IfModule perl_module>
PerlModule ModPerl::Registry
<Location /perl>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
Options +ExecCGI
</Location>
</IfModule>
</IfModule>
<IfModule cgid_module>
#
# ScriptSock: On threaded servers, designate the path to the UNIX
# socket used to communicate with the CGI daemon of mod_cgid.
#
#Scriptsock logs/cgisock
</IfModule>
#
# "/Applications/MAMP/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/Applications/MAMP/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
#
# DefaultType: the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain
<IfModule mime_module>
#
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
#
TypesConfig /Applications/MAMP/conf/apache/mime.types
#
# AddType allows you to add to or override the MIME configuration
# file specified in TypesConfig for specific file types.
#
#AddType application/x-gzip .tgz
#
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
#
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
#
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
#
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
#
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
#
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#
AddHandler cgi-script .cgi .pl
AddHandler wsgi-script .wsgi .py
# For type maps (negotiated resources):
#AddHandler type-map var
#
# Filters allow you to process content before it is sent to the client.
#
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
#
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#
<IfModule mime_magic_module>
MIMEMagicFile /Applications/MAMP/conf/apache/magic
</IfModule>
<IfModule ssl_module>
SSLRandomSeed startup file:/dev/urandom 1024
SSLRandomSeed connect file:/dev/urandom 1024
#
# Uncomment the next line if Apache should not accept SSLv3 connections, to learn more google for "POODLE SSLv3".
# SSLProtocol All -SSLv2 -SSLv3
</IfModule>
#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#
#
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall is used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
#
#EnableMMAP off
#EnableSendfile off
#
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received. Note that you must also set
# the default access control for these directories, as in the example below.
#
<IfModule mod_userdir>
UserDir MAMP_UserDir_MAMP
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
<Directory "MAMP_UserDir_MAMP">
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
<Limit GET POST OPTIONS>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
</IfModule>
<IfModule mod_fastcgi.c>
# URIs that begin with /fcgi-bin/, are found in /var/www/fcgi-bin/
Alias /fcgi-bin/ "/Applications/MAMP/fcgi-bin/"
# Anything in here is handled as a "dynamic" server if not defined as "static" or "external"
<Directory "/Applications/MAMP/fcgi-bin/">
SetHandler fastcgi-script
Options +ExecCGI
</Directory>
# Anything with one of these extensions is handled as a "dynamic" server if not defined as
# "static" or "external". Note: "dynamic" servers require ExecCGI to be on in their directory.
AddHandler fastcgi-script .fcgi .fpl
MAMP_ActionPhpCgi_MAMP
MAMP_FastCgiServer_MAMP
</IfModule>
MAMP_VirtualHosts_begin_MAMP
#
# MAMP virtual hosts
#
MAMP_IP_or_Star_Port_iteration_begin_MAMP
NameVirtualHost MAMP_IP_or_Star_Port_MAMP
MAMP_IP_or_Star_Port_iteration_end_MAMP
MAMP_Port_iteration_begin_MAMP
#<VirtualHost _default_:MAMP_Port_MAMP>
# DocumentRoot "MAMP_DocumentRoot_MAMP"
#</VirtualHost>
MAMP_Port_iteration_end_MAMP
MAMP_VirtualHost_iteration_begin_MAMP
<VirtualHost MAMP_VirtualHost_IP_MAMP:MAMP_VirtualHost_Port_MAMP>
ServerName MAMP_VirtualHost_ServerName_MAMP
MAMP_VirtualHost_ServerAdmin_MAMP
MAMP_VirtualHost_DirectoryIndex_MAMP
DocumentRoot "MAMP_VirtualHost_DocumentRoot_MAMP"
<IfModule xsendfile_module>
XSendFilePath "MAMP_VirtualHost_DocumentRoot_MAMP"
</IfModule>
MAMP_VirtualHost_ServerAliases_MAMP
<Directory "MAMP_VirtualHost_DocumentRoot_MAMP">
Options MAMP_VirtualHost_Options_MAMP
AllowOverride MAMP_VirtualHost_AllowOverride_MAMP
Order MAMP_VirtualHost_Order_MAMP
Allow MAMP_VirtualHost_Allow_MAMP
MAMP_VirtualHost_DirectoryCustom_MAMP
</Directory>
MAMP_VirtualHost_WSGIDAEMON_MAMP
MAMP_VirtualHost_WSGIAPP_MAMP
MAMP_VirtualHost_ActionPhpCgi_MAMP
MAMP_VirtualHost_AdditionalCustom_MAMP
</VirtualHost>
MAMP_VirtualHost_iteration_end_MAMP
MAMP_VirtualHosts_end_MAMP
#
# Supplemental configuration
#
# The configuration files in the /Applications/MAMP/conf/apache/extra/ directory can be
# included to add extra features or to modify the default configuration of
# the server, or you may simply copy their contents here and change as
# necessary.
# Server-pool management (MPM specific)
#Include /Applications/MAMP/conf/apache/extra/httpd-mpm.conf
# Multi-language error messages
#Include /Applications/MAMP/conf/apache/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
#Include /Applications/MAMP/conf/apache/extra/httpd-autoindex.conf
# Language settings
#Include /Applications/MAMP/conf/apache/extra/httpd-languages.conf
# Real-time info on requests and configuration
#Include /Applications/MAMP/conf/apache/extra/httpd-info.conf
# Local access to the Apache HTTP Server Manual
#Include /Applications/MAMP/conf/apache/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
#Include /Applications/MAMP/conf/apache/extra/httpd-dav.conf
# Various default settings
#Include /Applications/MAMP/conf/apache/extra/httpd-default.conf
# Secure (SSL/TLS) connections
MAMP_SSL_Include_MAMP
# DONT REMOVE: MAMP PRO httpd.conf template compatibility version: 17
took me 2 hours to figure out that mamp automatically redirects to www.yourhost.local from yourhost.local but etc/host didn't get 127.0.0.1 www.yourhost.local
so try either add
127.0.0.1 www.yourhost.local
to your etc/hosts
or make mamp not to redirect to www.
I had this as well and I reinstalled MAMP PRO. Did not help.
BUT I had deleted a folder which was my root folder when I recreated that folder (empty) everything worked again
In my case it looked like this
under tab HOSTS
left window
localhost Document root (bottom right window) read Username > Sites > keeper
I had deleted the folder keeper and it did not work. When I created a new empty folder with the name keeper it worked again. I do not remember changing the folder to localhost, but I must have done it.
I have a .mobileconfig file in one URL. I am sending the Http post from xcode(When a button is clicked), the http post contains the .mobileconfig url. Can i download that file when the button is clicked ?
When it comes to serving up this file. It needs to be served up with a MIME Content-Type of application/x-apple-aspen-config. You may be able to do this by adding a line to your server's configuration or .htaccess file in the folder with:
<IfModule mod_mime.c>
AddType application/x-apple-aspen-config .mobileconfig
</IfModule>
If serving the file from within PHP, you may do something like:
header('Content-type: application/x-apple-aspen-config; charset=utf-8');
header('Content-Disposition: attachment; filename="company.mobileconfig"');
echo $mobileconfig;
Small correction: that is not "chatset", it is Charset. Be sure which charset you want:
header('Content-type: application/x-apple-aspen-config; Charset=utf-8');
header('Content-Disposition: attachment; filename="company.mobileconfig"');
echo $mobileconfig;
I'm trying to set some htaccess rules for a specific Kohana controller. Basically its to do with form uploads. The majority of the site doesn't want to allow for large uploads so the php.ini will remain with the recommended settings.
However in one place a large file upload is required. I have the following options to add in my root .htaccess:
php_value max_input_time 60000
php_value post_max_size "1GB"
php_value upload_max_filesize "1GB"
php_value memory_limit "128MB"
But I don't know what to do to make it apply just for one controller (i.e. http://www.mysite.com/massiveupload).
Any help would be appreciated.
There's also another solution. Again thanks to #LazyOne for the tip. This one is much neater, but it requires updating the Apache config directly (so you cannot deploy it on a shared hosting).
All you have to do is add this to your httpd.conf or vhosts.conf (inside <Directory> or <VirtualHost> as per Apache Docs).
<LocationMatch /massiveupload>
php_flag max_input_time 60000
php_value post_max_size 1024M
php_value upload_max_filesize 1024M
php_value memory_limit 128M
</LocationMatch>
Restart your server and it should just work!
Note, that although LocationMatch parses the /massiveupload as a regular expression, we cannot use ^/massiveupload (note the ^ char to match beginning of the string). This is because it will fail if you use a ModRewrite (which changes the final request url internally).
Note, you shouldn't make upload_max_filesize and post_max_size the exact same size, because if you upload a file that just reaches the upload_max_filesize limit, any other post data will cause it to exceed the post_max_size and the form submission will fail.
What #LazyOne suggested is fairly easy to accomplish actually.
Consider this folder structure (only listing the most important files/folders):
application/
bootstrap.php
lib/
kohana-3.0.8/
modules/
system/
public_html/ <----- this is your DOCUMENT_ROOT
.htaccess
index.php
And consider you're using default Kohana's .htaccess:
RewriteEngine On
RewriteBase /
<Files .*>
Order Deny,Allow
Deny From All
</Files>
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [PT]
Now create an upload/ folder in your public_html/.
Copy both .htaccess and index.php from your DOCUMENT_ROOT to the upload/ folder.
Edit your upload/.htaccess: (only new changed lines displayed)
php_flag max_input_time 86400
php_value post_max_size 1536M
php_value upload_max_filesize 1024M
RewriteEngine On
RewriteBase /upload/
...
RewriteRule .* index.php/upload/$0 [PT]
Edit your upload/index.php and update all paths ($application, $modules, $system).
You can download the whole tested package
Create an upload controller.
Additionally you could split index.php into two parts (cut after defining the paths) so you don't duplicate the whole file.
Setup like this worked just well for me and you can download my test application from here: http://d.pr/ioYk