editing httpd.conf??
- Thread starter Hype.it
- Start date
Hype.it said:Help.. does anyone know how i edit this file? What command i use in terminal and erm... how i get above root (as in webserver) access?
At the terminal:
$ cd /etc/httpd
$ sudo <name of program/command> httpd.conf
sudo will ask you for your admin password and will allow you to save changes to the file. If you use BBEdit, you don't need to do that step, but if you wanted to edit it with pico for example you would type:
$ sudo pico httpd.conf
Or try
$ sudo open httpd.conf to have the Finder open it in the default App.
michaelsanford
Translator, Web Developer
Do you mean you want to set up things like subdomain.hype.it ?
That will be in a VirtualHost (Section 3) directive near line 1029, just set the DocumentRoot directive to whatever folder you want.
That will be in a VirtualHost (Section 3) directive near line 1029, just set the DocumentRoot directive to whatever folder you want.
michaelsanford said:
Thanks you, that's one thing, then there is the other...
Currently as it stand it's appears to be like this (which is the default)
URL "http://127.0.0.1/"
Path: "/Library/WebServer/Documents/"
Path: "/Library/WebServer/CGI-Executables/"
And any config files would be contained within Documents or maybe in CGI-Bin. Either way, they are accessible to users. What i'd like to know, is there a way to place them 'out of documents or www' into another folder that's considered above or out of web access. Which only the server can see, such as:
Path: "/Library/WebServer/ConFigs"
Thanks in advance.
michaelsanford
Translator, Web Developer
What config files do you mean ? Do you mean like PHP/CGI script files or server configuration files of some kind ?
Server configuration files and various things that need to be hidden from user access, only need server read and possibly execute rights.
configs.php
includes
global includes
eCommerce dbconfigs.php
I could do it on my former host with the help of the hostmaster doing something but now I've chosen to build a dedicated server and co-locate later. Anyway, this is for a off-line testing server
Please help.
configs.php
includes
global includes
eCommerce dbconfigs.php
I could do it on my former host with the help of the hostmaster doing something but now I've chosen to build a dedicated server and co-locate later. Anyway, this is for a off-line testing server
Please help.
michaelsanford
Translator, Web Developer
For some reason I've noticed that my last reply was never submitted!
Basically if it's a conifg file that sets PHP variables you don't need to protect it, really, since simply hitting the config script in a browser won't print out all the configuration variables.
Most of the sites I've written are based on this principle, and big popular apps like phpMyAdmin are also.
Basically if it's a conifg file that sets PHP variables you don't need to protect it, really, since simply hitting the config script in a browser won't print out all the configuration variables.
Most of the sites I've written are based on this principle, and big popular apps like phpMyAdmin are also.
michaelsanford
Translator, Web Developer
It's not a feature, per se, it's just the way PHP works.
Here's a short example I wipped up for you:
http://trogdor.myvnc.com:81/~amras/config_example/
Let's say you have a file called config.php containing something like:
And you called that configuration file with:
Hit config_example_local.php and see what happens. You get the output. Now hit config_example.php, you get a blank page.
Now that you even know the URL of my configuration script ( http://trogdor.myvnc.com:81/~amras/config_example/config_example.php ) try and hack it so you can print the $config variable elements...you'll have a pretty hard time doing it.
PS The thing to keep in mind here is that PHP means Hypertext PRE PROCESSOR, which means the code is executed before it's sent to the client. So even if you knew the URL of your configuration file and tried to curl it in the terminal, the server would just process the file, find there's no HTML output and download an empty file.
Here's a short example I wipped up for you:
http://trogdor.myvnc.com:81/~amras/config_example/
Let's say you have a file called config.php containing something like:
Code:
<?php
// This is an example configuration file in PHP
// by Michael Sanford for www.macosx.com
$config['username'] = 'michael';
$config['password'] = 'michael1';
$config['host'] = 'michaelsanford.com';
?>And you called that configuration file with:
Code:
<?php
// This is an example configuration file in PHP
// by Michael Sanford for www.macosx.com
// call the configuration script
include("./config_example.php");
echo "Username: " . $config['username'] . "<br />";
echo "Password: " . $config['password'] . "<br />";
echo "Host: " . $config['host'] . "<br />";
?>Hit config_example_local.php and see what happens. You get the output. Now hit config_example.php, you get a blank page.
Now that you even know the URL of my configuration script ( http://trogdor.myvnc.com:81/~amras/config_example/config_example.php ) try and hack it so you can print the $config variable elements...you'll have a pretty hard time doing it.
PS The thing to keep in mind here is that PHP means Hypertext PRE PROCESSOR, which means the code is executed before it's sent to the client. So even if you knew the URL of your configuration file and tried to curl it in the terminal, the server would just process the file, find there's no HTML output and download an empty file.
TommyWillB
Registered
Everthing you ever wanted to know about Apache can be found at Apache.org... Look in the HTTP 1.3 section.
Also, I've found it easier to change the ownership/permissions of the httpd.conf file so that I can edit is as my non-root administrator password... So I don't need to mess with any command line suff... I just use BBedit.
...Oh... and everything you want to know about PHP is at php.net.
Also, I've found it easier to change the ownership/permissions of the httpd.conf file so that I can edit is as my non-root administrator password... So I don't need to mess with any command line suff... I just use BBedit.
...Oh... and everything you want to know about PHP is at php.net.