xampp - Security Concept error [FIXED]

Status
Not open for further replies.

Livar

Now 35% cooler!
Oct 15, 2010
846
86
Hey there! It's Livar here, I've got a fix for sometime's that on xampp you go redirect to security_check and error come's up ;)


Here's the code;
PHP:
#
# XAMPP settings
#

<IfModule env_module>
    SetEnv MIBDIRS "C:/xampplite/php/extras/mibs"
    SetEnv MYSQL_HOME "C:\\xampplite\\mysql\\bin"
    SetEnv OPENSSL_CONF "C:/xampplite/apache/bin/openssl.cnf"
    SetEnv PHP_PEAR_SYSCONF_DIR "C:\\xampplite\\php"
    SetEnv PHPRC "C:\\xampplite\\php"
    SetEnv TMP "C:\\xampplite\\tmp"
    UnsetEnv PERL5LIB
</IfModule>

#
# PHP-Module setup
#
LoadFile "C:/xampplite/php/php5ts.dll"
LoadModule php5_module modules/php5apache2_2.dll

<IfModule php5_module>
    <FilesMatch "\.php$">
        SetHandler application/x-httpd-php
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler application/x-httpd-php-source
    </FilesMatch>

    PHPINIDir "C:/xampplite/php"
</IfModule>

#
# PHP-CGI setup
#
<IfModule !php5_module>
    <FilesMatch "\.php$">
        SetHandler application/x-httpd-php-cgi
    </FilesMatch>
    <IfModule actions_module>
        Action application/x-httpd-php-cgi "/php-cgi/php-cgi.exe"
    </IfModule>
</IfModule>


<IfModule mime_module>
    AddType text/html .php .phps
</IfModule>

ScriptAlias /php-cgi/ "C:/xampplite/php/"
<Directory "C:/xampplite/php">
    AllowOverride None
    Options None
    Order deny,allow
    Deny from all
    <Files "php-cgi.exe">
        Allow from all
    </Files>
</Directory>

<Directory "C:/xampplite/cgi-bin">
    <FilesMatch "\.php$">
        SetHandler cgi-script
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler None
    </FilesMatch>
</Directory>

<Directory "C:/xampplite/htdocs/xampp">
    <IfModule php5_module>
    	<Files "status.php">
    		php_admin_flag safe_mode off
    	</Files>
    </IfModule>
    AllowOverride AuthConfig
</Directory>

<IfModule alias_module>
    Alias /security "C:/xampplite/security/htdocs/"
    <Directory "C:/xampplite/security/htdocs">
        <IfModule php5_module>
    		<Files "xamppsecurity.php">
    			php_admin_flag safe_mode off
    		</Files>
        </IfModule>
        AllowOverride AuthConfig
   </Directory>

    Alias /licenses "C:/xampplite/licenses/"
    <Directory "C:/xampplite/licenses">
        Options +Indexes
        <IfModule autoindex_color_module>
            DirectoryIndexTextColor  "#000000"
            DirectoryIndexBGColor "#f8e8a0"
            DirectoryIndexLinkColor "#bb3902"
            DirectoryIndexVLinkColor "#bb3902"
            DirectoryIndexALinkColor "#bb3902"
        </IfModule>
   </Directory>

    Alias /phpmyadmin "C:/xampplite/phpMyAdmin/"
    <Directory "C:/xampplite/phpMyAdmin">
        AllowOverride AuthConfig
    </Directory>

    Alias /webalizer "C:/xampplite/webalizer/"
    <Directory "C:/xampplite/webalizer">
        <IfModule php5_module>
    		<Files "webalizer.php">
    			php_admin_flag safe_mode off
    		</Files>
        </IfModule>
        AllowOverride AuthConfig
    </Directory>
</IfModule>

#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
    Order deny,allow
    Allow from all
    Allow from ::1 127.0.0.0/8 \
               fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
               fe80::/10 169.254.0.0/16

    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>

EDIT: Or just remove the Bits under
#
# New XAMPP security concept
#

NO, I didn't make the fix
YES, I found it on another forum
YES, I am very helpful, realy am
NO, It's not a fake


-|ivar
 

Thom

You can't touch this
Oct 1, 2010
1,305
386
That will work as long as the person is using xampplite.

Search:
PHP:
#
# New XAMPP security concept
#
Replace everything underneath it with
PHP:
#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
    Order deny,allow
    Allow from all

    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>
 

Benson

Member
Oct 13, 2010
57
3
Search for this in %xampp_dir%\apache\conf\extra\httpd-xampp.conf:
PHP:
# New XAMPP security concept
Replace it with this (yeah, use your common sense on where to start to paste):
PHP:
#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|licenses|phpmyadmin|webalizer|server-status|server-info))">
    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8 \
               fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
               fe80::/10 169.254.0.0/16

    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>

Basically, all i've done with this is remove 'security' from the list, as its a filter, sort of thing.
Hope i've helped :)
 
Status
Not open for further replies.

Users who are viewing this thread

Top